Cannot renew certificates

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: jrd.jumpingcrab.com

I ran this command: certbot renew --dry-run

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/jrd.jumpingcrab.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator webroot, Installer None
Simulating renewal of an existing certificate for jrd.jumpingcrab.com
Performing the following challenges:
http-01 challenge for jrd.jumpingcrab.com
Using the webroot path /var/www/nextcloud for all unmatched domains.
Waiting for verification...
Challenge failed for domain jrd.jumpingcrab.com
http-01 challenge for jrd.jumpingcrab.com
Cleaning up challenges
Failed to renew certificate jrd.jumpingcrab.com with error: Some challenges have failed.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
All simulated renewals failed. The following certificates could not be renewed:
** /etc/letsencrypt/live/jrd.jumpingcrab.com/fullchain.pem (failure)**
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)

IMPORTANT NOTES:
** - The following errors were reported by the server:**

** Domain: jrd.jumpingcrab.com**
** Type: unauthorized**
** Detail: Invalid response from https://jrd.jumpingcrab.com/login**
** [5.48.215.235]: "\n<html class="ng-csp"**
** data-placeholder-focus="false" lang="en" data-locale="en"**
** >\n\t<head\n data-requesttoken="wLYm"**

** To fix these errors, please make sure that your domain name was**
** entered correctly and the DNS A/AAAA record(s) for that domain**
** contain(s) the right IP address.**

My web server is (include version): nginx version: nginx/1.18.0 (Ubuntu)

The operating system my web server runs on is (include version): ubuntu on odroid xu4

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.15.0

It is a nextcloud server on an Arm architecture (odroid).
If you will be able to help me, it will be very great.
Thank you

sudo cerbot renew

will work only close to certificate expiration. the servers workload is bad enough

Welcome to the Let's Encrypt Community

This redirect chain will make it impossible for your webserver to satisfy an http-01 challenge using the webroot authenticator:

http://jrd.jumpingcrab.com/.well-known/acme-challenge/test
301 Moved Permanently
https://jrd.jumpingcrab.com/.well-known/acme-challenge/test
301 Moved Permanently
https://jrd.jumpingcrab.com/index.php/.well-known/acme-challenge/test
302 Found
https://jrd.jumpingcrab.com/login
200 OK

If you create a test file containing "1234" in /.well-known/acme-challenge/ in your webroot folder (/var/www/nextcloud), you should be able to retrieve that file with your browser.

Try using this certbot command instead:

certbot certonly --cert-name jrd.jumpingcrab.com --nginx -d "jrd.jumpingcrab.com" --deploy-hook "nginx -s reload" --dry-run

If that works then run it again without the --dry-run being sure to specify to replace your existing certificate if prompted.

Perfect Griffin !
It works !
I was on this since this morning...
Thanks a lot.

But if you have some time to explain me why the renew command did not work ? It seems to me that I tried it when I installed my server and it worked with the dry-run flag.
Anyway, thank you a lot for your answer and thank you for solving my issue.