Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
The operating system my web server runs on is (include version):windows10
My hosting provider, if applicable, is: aws lightsail
Hi, I'm a real beginner...
I've made a website for assignment and was trying to get a ssl certificate through certbot.
I think I somehow succeed to get one, yet another problem has just occurred which is..
why is it still not secure? It says the provider is (STAGING) Artificial Apricot R3.
Should I get another new ssl certificate or have I done something wrong?
The staging server is for testing to be ready to do a "production run" and obtain a real certificate. Thank you for using the staging environment initially.
You can re-run your process and select the production server: https://acme-v02.api.letsencrypt.org/directory
You did nothing wrong. No "Dying" allowed there's enough of that going around.
In the script used by OP this is done by editing the script and changing it:
From:
staging=0 # Set to 1 if you're testing your setup to avoid hitting request limits
To:
staging=1 # Set to 1 if you're testing your setup to avoid hitting request limits
After changing the above you can re-run the script and all should be fine.
Note that the init-letsencrypt script should be run just once for getting a valid certificate. Once you have the valid certificate, you should NOT run the script again, as it will delete the previously issued, perfectly fine certificate and re-issue a new one unnecessarily. However, the Github repository nor the script does NOT explain how to renew your certificate, which is very unfortunate. Personally, I think the script is just plain @()$$)#@#* and shouldn't be used.
As I don't have experience with Docker nor that script, I find it hard to advice on how to proper renew your certificate and afterwards reload nginx too.