Thanks for the reply.
The command is running on the same server. The node server listens on port 443 directly. I do not have a reverse proxy.
# renew_before_expiry = 30 days
version = 0.8.1
cert = /etc/letsencrypt/live/schedule.greenwood.space/cert.pem
privkey = /etc/letsencrypt/live/schedule.greenwood.space/privkey.pem
chain = /etc/letsencrypt/live/schedule.greenwood.space/chain.pem
fullchain = /etc/letsencrypt/live/schedule.greenwood.space/fullchain.pem
# Options used in the renewal process
[renewalparams]
authenticator = standalone
installer = None
account = ****
webroot_path = /home/greenwood/greenwood-scheduler,
[[webroot_map]]
I did some more sleuthing, and it looks like the back and forth dies when the eff site is unable to directly connect to the IP address, port 443 to the standalone server. I would be fine with enabling dns verification, but there is quite literally no documentation on how to do that other than “it will tell you if you try.” Well, I tried, and it just said it wouldn’t do it, no further information.
I’m now 9 days from expiry on the site. Should I give up on renewal and just generate a new one? Will it even let me?