Just a thought:
Try setting a self-signed certificate and then disable the server, give it 5 minutes for any cron jobs to run and then re-enable the virtual server.
Are these links any good
- Let's Encrypt trying to renew deleted domains · Issue #185 · virtualmin/virtualmin-gpl · GitHub
- Let's Encrypt automatic renewal: Uses shared certificate instead · Issue #674 · virtualmin/virtualmin-gpl · GitHub
Looks like it’s possible for LE auto-renew to still happen when the cert is shared with another domain … I’ll fix that.