Can't renew During secondary validation: Fetching xxx Connection reset by peer

Do you have any firewall rules or devices in front of your server that may be affecting traffic from AWS?

Recently, Let’s Encrypt began checking challenges from 4 different hosts simultaneously (see "ACME v1/v2: Validating challenges from multiple network vantage points").

Your error indicates that one of the secondary perspectives (which are currently hosted with AWS) failed to fetch the challenge file from your server.

Does this error happen consistently or just sometimes?
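
One way to check this from the server side, as an added example that is not part of the original reply: group access-log hits on the HTTP-01 challenge path by token and count how many distinct clients fetched each one successfully. It assumes the web server writes Combined Log Format; the log lines, IPs and tokens are constructed.

```python
import re
from collections import defaultdict

EXPECTED_VANTAGE_POINTS = 4  # "4 different hosts" per the reply above
CHALLENGE_PREFIX = "/.well-known/acme-challenge/"

# Combined Log Format: client IP, identity, user, [time], "request", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"[A-Z]+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample log (documentation IP ranges, made-up tokens).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Mar/2020:10:00:01 +0000] "GET /.well-known/acme-challenge/constructed-token-A HTTP/1.1" 200 87 "-" "-"
198.51.100.21 - - [01/Mar/2020:10:00:01 +0000] "GET /.well-known/acme-challenge/constructed-token-A HTTP/1.1" 200 87 "-" "-"
198.51.100.22 - - [01/Mar/2020:10:00:01 +0000] "GET /.well-known/acme-challenge/constructed-token-A HTTP/1.1" 200 87 "-" "-"
203.0.113.30 - - [01/Mar/2020:10:00:02 +0000] "GET /.well-known/acme-challenge/constructed-token-A HTTP/1.1" 200 87 "-" "-"
192.0.2.10 - - [02/Mar/2020:10:00:01 +0000] "GET /.well-known/acme-challenge/constructed-token-B HTTP/1.1" 200 87 "-" "-"
198.51.100.21 - - [02/Mar/2020:10:00:01 +0000] "GET /.well-known/acme-challenge/constructed-token-B HTTP/1.1" 200 87 "-" "-"
203.0.113.30 - - [02/Mar/2020:10:00:02 +0000] "GET /.well-known/acme-challenge/constructed-token-B HTTP/1.1" 200 87 "-" "-"
192.0.2.99 - - [02/Mar/2020:10:05:00 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "-"
"""

def vantage_points_per_token(lines):
    """Map each challenge token to the set of client IPs that got a 200."""
    seen = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not m["path"].startswith(CHALLENGE_PREFIX):
            continue
        token = m["path"][len(CHALLENGE_PREFIX):].split("?", 1)[0]
        ips = seen[token]  # record the token even if no fetch succeeded
        if m["status"] == "200":
            ips.add(m["ip"])
    return dict(seen)

def incomplete_validations(lines, expected=EXPECTED_VANTAGE_POINTS):
    """Tokens fetched successfully by fewer clients than expected."""
    return {t: len(ips) for t, ips in vantage_points_per_token(lines).items()
            if len(ips) < expected}

if __name__ == "__main__":
    for token, n in incomplete_validations(SAMPLE_LOG.splitlines()).items():
        # A reset connection typically leaves no access-log entry, so a
        # missing hit points at something in front of the web server.
        print(f"{token}: {n}/{EXPECTED_VANTAGE_POINTS} fetches logged")
```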