Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: enorugby.com
I ran this command: certbot --apache --force renewal
It produced this output:
Your existing certificate has been successfully renewed, and the new certificate
has been installed.
The new certificate covers the following domains: https://enorugby.com and
https://www.enorugby.com
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=enorugby.com
https://www.ssllabs.com/ssltest/analyze.html?d=www.enorugby.com
My web server is (include version): Apache 2
The operating system my web server runs on is (include version): Ubuntu 18.04
My hosting provider, if applicable, is: Digital Ocean
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): VestaCP
Sorry is this is a silly question, but I’m a bit new to this. I’ve been searching and can’t find a straightforward set of instructions. What is the proper process for switching from staging to production?
I ran certbot --staging to test my initial setup. Once that was working, I ran certbot --apache to setup the real SSL certificate. I also tried certbot --apache --force-renewal after reading a related post on this forum. Everything seems to run ok, but when I test my site at https://www.ssllabs.com/ssltest/analyze.html?d=enorugby.com, it says my certificate is not trusted. The Issuer is listed as Fake LE Intermediate X1, which I take to mean that it is still looking at my staging certificate. How do I change this? I’m worried that if I keep running certbot blindly, I’ll hit my rate limit.
Thanks.