Interestingly it looks like it has been setup correctly on 2 of the 3 servers

$ host www.perlmonks.org 
www.perlmonks.org is an alias for perlmonks.org.
perlmonks.org has address 209.197.123.153
perlmonks.org has address 66.39.54.27
perlmonks.org has address 216.92.34.251


$ openssl s_client -showcerts -servername www.perlmonks.org -connect 2
+09.197.123.153:443 </dev/null 2>&1| grep subject
subject=/C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Sui
+te 510/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by
+ pair Networks/OU=PairWildcardSSL $250,000/CN=*.pairsite.com

$ openssl s_client -showcerts -servername www.perlmonks.org -connect 6
+6.39.54.27:443 </dev/null 2>&1| grep subject
subject=/CN=perlmonks.org

$ openssl s_client -showcerts -servername www.perlmonks.org -connect 2
+16.92.34.251:443 </dev/null 2>&1| grep subject
subject=/CN=perlmonks.org
[download]

Our site is generously hosted by http://www.pair.com/ which rules over the Apache config.

Cheers Rolf
_{(addicted to the Perl Programming Language :)
Wikisyntax for the Monastery}

I'm sure the admins will find a stable way.

The short term certificate is surely only meant for testing.

The short term certificate is surely only meant for testing.

Nope, that's how Let's Encrypt certs work. Why 90 days?