If you got your cert from the staging server, SSLLabs would report it as being untrusted, but the cert should be there, it should have the right hostname(s) on it, etc. If all that worked, then you're almost done. You've already commented out the line setting it to use the staging CA, so the only thing left is to run
dehydrated -c -x
The -x flag tells it to go ahead and request a new cert, even though your existing cert isn't about to expire. Without it, the dehydrated script will see that your cert still has more than 30 days' of validity left and won't renew it.