I'm using certbot with dns-standalone authenticator using the command: certbot certonly --config-dir . --preferred-challenges dns --authenticator certbot-dns-standalone:dns-standalone -d sitename This works fine but I just checked the fullchain.pem and it seems the root certificate in the chain is…

Fullchain.pem still including root "ISRG Root X1" signed by "DST Root CA X3"

JamesLE July 5, 2021, 4:07am 2

Yes, here’s an explanation: Production Chain Changes

2 Likes