Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
It produced this output: When I access me website now it automatically changes to HTTPS, which is good, but it redirects to a https://www.a-1surplus.com/ and produces a privacy error: Your connection is not private
Attackers might be trying to steal your information from www.a-1surplus.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID
This server could not prove that it is www.a-1surplus.com; its security certificate is from *.bluehost.com. This may be caused by a misconfiguration or an attacker intercepting your connection.
bluehost.com is my old host, before I migrated to my own VPS.
My web server is (include version): Ubuntu 18
The operating system my web server runs on is (include version): Apache
My hosting provider, if applicable, is: VPS with OVH
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No