Created test cert with getssl and now I can't generate full cert

I'm just starting out with Let's Encrypt and I'm using getssl on my Ubuntu 14.04 Apache2 server (on AWS EC2 - domain: I figured I would set the staging server in the getssl.cfg file as a dry run that, as it turns out, was successful. Of course, now online SSL tests on my domain tell me that my certificate is not trusted (calling it "Fake LE Intermediate X1").
When I try to run getssl against the real server (CA=""), I get this error:

certificate for is still valid for more than 30 days (until Nov 26 16:43:00 2016 GMT)

I tried moving the certs/keys out of the cert directory without success.
Anyone know what I'm doing wrong? Do I have to revoke the fake cert before I can create a new one?

Have you tried this switch of getssl?:

-f, --force     Force renewal of cert (overrides expiry checks)
1 Like

Fantastic. Just what the doctor ordered!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.