Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:speedtest1.gs.chinamobile.com
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):CentOS Linux release 7.9.2009
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
I successfully renew my certificates , but the certificates was checked with error by speedtest , Error: SSL certificate problem: self signed certificate.
@msbaggio It is also possible that you're using an older version of openssl in which you need to explicitly specify -servername in order to send SNI. In newer versions, SNI is sent automatically based on the argument to -connect, but in older versions it has to be added with a -servername option, or else no SNI extension will be sent by the client.
Web browsers always send SNI, so the newer behavior (providing SNI) is more similar to the behavior that a user would encounter from a browser.
my domain is speedtest1.gs.chinamobile.com
my openssl version is OpenSSL 1.1.1q 5 Jul 2022
I need to use the application of speedtest.net （or OoklaServer），so the speedtest.net will detect the https of my domain, it used port 8080
if you detect the port 8080， the certificate is OoklaServer , not Let's Encrypt