SWAG invalid certs / mismatch

I run two servers at seperate locations. One of them just ran certbot to refresh the letsencrypt. Now, all of the sudden, Chrome is telling me the cert is not trusted (looks the same as the cert I run on a different domain) and I can’t proxy Plex through Cloudflare as I am getting a proxy mismatch error. What’s up? Had some email from letsencrypt a few weeks ago about some root expiring.

You will need to provide us with logs of your container and also your conpose otherwise it’s going to be hard to work this out.

docker logs swag:

To support the app dev(s) visit:
Certbot: Support EFF's Work on Certbot | Electronic Frontier Foundation

To support LSIO projects visit:
https://www.linuxserver.io/donate/

GID/UID

User uid: 1000
User gid: 1000

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing…
[cont-init.d] 20-config: exited 0.
[cont-init.d] 30-keygen: executing…
using keys found in /config/keys
[cont-init.d] 30-keygen: exited 0.
[cont-init.d] 50-config: executing…
Variables set:
PUID=1000
PGID=1000
TZ=America/Chicago
URL=.com
SUBDOMAINS=forney.vpn,forney.plex,forney,
EXTRA_DOMAINS=
ONLY_SUBDOMAINS=true
VALIDATION=dns
CERTPROVIDER=
DNSPLUGIN=cloudflare
EMAIL=
STAGING=false

Using Let’s Encrypt as the cert provider
SUBDOMAINS entered, processing
SUBDOMAINS entered, processing
Only subdomains, no URL in cert
Sub-domains processed are: -d forney.vpn..com -d forney.plex..com -d forney..com
No e-mail address entered or address invalid
dns validation via cloudflare plugin is selected
Certificate exists; parameters unchanged; starting nginx
[cont-init.d] 50-config: exited 0.
[cont-init.d] 60-renew: executing…
The cert does not expire within the next day. Letting the cron script handle the renewal attempts overnight (2:08am).
[cont-init.d] 60-renew: exited 0.
[cont-init.d] 70-templates: executing…
[cont-init.d] 70-templates: exited 0.
[cont-init.d] 99-custom-files: executing…
[custom-init] no custom files found exiting…
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
Server ready
nginx: [warn] “ssl_stapling” ignored, host not found in OCSP responder “r3.o.lencr.org” in the certificate "/config/keys/letsencrypt/fullch

docker create
–name=swag
–cap-add=NET_ADMIN
-e PUID=1000
-e PGID=1000
-e TZ=America/Chicago
-e URL=.com
-e SUBDOMAINS=forney.vpn,forney.plex,forney,
-e VALIDATION=dns
-e DNSPLUGIN=cloudflare
-e ONLY_SUBDOMAINS=true
-e STAGING=false
-e MAXMINDDB_LICENSE_KEY=
-p 443:443
-v /docker/encrypted/swag/:/config
–restart unless-stopped