diff --git a/inventory/group_vars/all b/inventory/group_vars/all
index de7bd7ece3..ad220bdc1a 100644
--- a/inventory/group_vars/all
+++ b/inventory/group_vars/all
@@ -419,7 +419,3 @@ sshd_sftp: false # Autodetect python version # ansible_python_interpreter: auto
-#
-# datacenter with active certbot in it
-#
-certgetter_datacenter: iad2
diff --git a/inventory/group_vars/certgetter_stg b/inventory/group_vars/certgetter_stg
new file mode 100644
index 0000000000..5969ffe27d
--- /dev/null
+++ b/inventory/group_vars/certgetter_stg
@@ -0,0 +1,15 @@
+---
+# Define resources for this group of hosts here.
+lvm_size: 20000
+mem_size: 2048
+num_cpus: 2
+
+# for systems that do not match the above - specify the same parameter in
+# the host_vars/$hostname file
+
+tcp_ports: [ 80, 443 ]
+
+# Neeed for rsync from log01 for logs.
+custom_rules: [ '-A INPUT -p tcp -m tcp -s 10.3.163.39 --dport 873 -j ACCEPT', '-A INPUT -p tcp -m tcp -s 192.168.1.59 --dport 873 -j ACCEPT' ]
+
+fas_client_groups: sysadmin-main
diff --git a/inventory/host_vars/certgetter01.stg.iad2.fedoraproject.org b/inventory/host_vars/certgetter01.stg.iad2.fedoraproject.org
new file mode 100644
index 0000000000..b7803b4848
--- /dev/null
+++ b/inventory/host_vars/certgetter01.stg.iad2.fedoraproject.org
@@ -0,0 +1,13 @@
+---
+nm: 255.255.255.0
+gw: 10.3.166.254
+dns: 10.3.163.33
+
+ks_url: http://10.3.163.35/repo/rhel/ks/kvm-fedora-32-iad2
+ks_repo: http://10.3.163.35/pub/fedora/linux/releases/32/Server/x86_64/os/
+
+volgroup: /dev/vg_guests
+eth0_ip: 10.3.166.22
+vmhost: vmhost-x86-01.stg.iad2.fedoraproject.org
+datacenter: iad2
+mem_size: 4096
diff --git a/inventory/inventory b/inventory/inventory
index d4df651e9b..743d06494d 100644
--- a/inventory/inventory
+++ b/inventory/inventory
@@ -35,6 +35,9 @@ retrace_stg_aws [certgetter] certgetter01.iad2.fedoraproject.org +[certgetter_stg] certgetter01.stg.iad2.fedoraproject.org + [backup] backup01.iad2.fedoraproject.org
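Review bot: The comment above `custom_rules` in the new inventory/group_vars/certgetter_stg explains only one of the two source addresses the rules admit on 873/tcp: log01 is named (presumably 10.3.163.39), but nothing says what 192.168.1.59 is, so a later reader cannot tell whether the second ACCEPT rule is still required or safe to drop. Name the second host in the comment, e.g. `# Needed for rsync from log01 (10.3.163.39) and <second-host, to be filled in> for logs.`, which also fixes the `Neeed` typo. The two rules would also be easier to review as a block sequence, one `- '-A INPUT ...'` entry per line, rather than a 150-character flow list; `tcp_ports: [ 80, 443 ]` is short enough to stay in flow style.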
@@ -649,6 +652,7 @@ batcave01.iad2.fedoraproject.org bastion01.iad2.fedoraproject.org bastion02.iad2.fedoraproject.org certgetter01.iad2.fedoraproject.org +certgetter01.stg.iad2.fedoraproject.org log01.iad2.fedoraproject.org ns01.iad2.fedoraproject.org ns02.iad2.fedoraproject.org
@@ -1299,6 +1303,7 @@ bvmhost-x86-08.iad2.fedoraproject.org bvmhost-x86-02.stg.iad2.fedoraproject.org bvmhost-x86-03.stg.iad2.fedoraproject.org certgetter01.iad2.fedoraproject.org +certgetter01.stg.iad2.fedoraproject.org compose-iot01.iad2.fedoraproject.org compose-branched01.iad2.fedoraproject.org compose-rawhide01.iad2.fedoraproject.org
diff --git a/playbooks/groups/certgetter.yml b/playbooks/groups/certgetter.yml
index d59f48fca9..5f89894ace 100644
--- a/playbooks/groups/certgetter.yml
+++ b/playbooks/groups/certgetter.yml
@@ -1,7 +1,7 @@
-- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=certgetter"
+- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=certgetter:certgetter_stg" - name: make the box be real - hosts: certgetter + hosts: certgetter:certgetter_stg user: root gather_facts: True
diff --git a/roles/letsencrypt/tasks/main.yml b/roles/letsencrypt/tasks/main.yml
index a2b56d53cf..1e395d152e 100644
--- a/roles/letsencrypt/tasks/main.yml
+++ b/roles/letsencrypt/tasks/main.yml
@@ -1,5 +1,5 @@ - name: Generate (or renew) the certificate - delegate_to: "certgetter01.{{ certgetter_datacenter }}.fedoraproject.org" + delegate_to: "certgetter01{{ env_suffix }}.iad2.fedoraproject.org" command: certbot certonly --expand --keep -n --webroot --webroot-path /var/www/html/ -d {{','.join([site_name] + server_aliases)}} run_once: true register: certbot_output
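Review bot: The new `delegate_to` line in roles/letsencrypt/tasks/main.yml makes every host that applies this role depend on `env_suffix` being defined on that host, and the same commit removes the `certgetter_datacenter` default from inventory/group_vars/all, so unless `env_suffix` already has a file-wide default there (not visible in this diff) a host without it now fails templating before certbot runs; `delegate_to: "certgetter01{{ env_suffix | default('') }}.iad2.fedoraproject.org"` falls back to the production certgetter, assuming production's suffix is empty as the existing host name certgetter01.iad2 suggests. The datacenter is also now hard-coded to `iad2` inside the string, which is exactly what the removed variable existed to select; if that is intentional, a comment on the task such as `# certbot only runs on the iad2 certgetter; env_suffix picks the prod or staging instance` would record the decision. The same string is introduced in the hunks at lines 10, 21, 30 and 39 of this file, so the same default and comment apply there. The task continues past the end of the hunk.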
@@ -10,7 +10,7 @@ # Find the directory to use - name: Get the directory to use - delegate_to: "certgetter01.{{ certgetter_datacenter }}.fedoraproject.org" + delegate_to: "certgetter01{{ env_suffix }}.iad2.fedoraproject.org" # Sometimes we get directories like site-0001, site-0002, etc. We want the latest shell: "file /etc/letsencrypt/live/{{site_name}}* | tail -1 | sed -e 's/: directory//' | tr -d '\n'" register: certbot_dir
@@ -21,7 +21,7 @@ # And once we do that, we need to copy some things. - name: Obtain the certificate - delegate_to: "certgetter01.{{ certgetter_datacenter }}.fedoraproject.org" + delegate_to: "certgetter01{{ env_suffix }}.iad2.fedoraproject.org" command: "cat {{certbot_dir.stdout}}/cert.pem" register: certbot_certificate changed_when: 'false'
@@ -30,7 +30,7 @@ - letsencrypt - name: Obtain the intermediate certificate - delegate_to: "certgetter01.{{ certgetter_datacenter }}.fedoraproject.org" + delegate_to: "certgetter01{{ env_suffix }}.iad2.fedoraproject.org" command: cat {{certbot_dir.stdout}}/chain.pem register: certbot_chain changed_when: 'false'
@@ -39,7 +39,7 @@ - letsencrypt - name: Obtain the key - delegate_to: "certgetter01.{{ certgetter_datacenter }}.fedoraproject.org" + delegate_to: "certgetter01{{ env_suffix }}.iad2.fedoraproject.org" command: cat {{certbot_dir.stdout}}/privkey.pem register: certbot_key changed_when: 'false'