Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command: Task schedule updating certificate every day at 9 AM
It produced this output:
My web server is (include version): Windows 2016 version 1607
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is: myself
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): wacs 18.104.22.1686
My certificates are not automatically being renewed on my server (I has been working), but I can do it manually by running the same script as the Task manger (it is running as admin). Every time it tries to renew the certificate it throws an event in Windows event log (see below).
In the last month I also have had issues that the certificate are being lost on my website, then I need to select it again in binding in IIS, I don't know if is is related ?
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
to the user SCADAOVDEMO\Administrator SID (S-1-5-21-1203903011-3128385231-1205726625-500) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
I think you may be able to ignore the DCOM issue because windows sometimes tries certain operations one way, then another. Could be a problem but seems less likely.
Regarding scheduled renewals, I think you need to re-create the scheduled task - could be something for the Administrator account got changed somewhere (password reset?). Delete it and use the app to recreate it: https://www.win-acme.com/manual/automatic-renewal
Regarding the certificate "being lost" - this is where you really need to keep an eye on things. My (complete) guess would be it expired and got cleaned up by the app, but the newer replacement certs weren't binding properly. Get your renewal working again then monitor that it's actually updating the HTTPS binding in IIS regularly (Edit Bindings in IIS Manager, check the date on the selected cert).
If you ever see a problem where the wrong cert (but otherwise valid) cert is served this is usually a binding conflict where one binding has been setup as IP specific or non-SNI, so it takes priority over SNI bindings (which get selected by the server based on the hostname requested).