Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
The topic title says "invalid", but the "output" shown says "VALID" and "NOT ready".
So, I don't know what to make of that.
Also, this is very vague:
It is difficult for anyone to help when they don't know exactly what you did nor with which tool.
I can see that both names resolve to the same IP and it seems to be handling the challenge requests as expected.
As a test, please place a test text file in the expected challenge location and then let's test access to it.
With something like: curl -Ii autodiscover.got-jena.de/.well-known/acme-challenge/Test_File-1234 curl -Ii david.got-jena.de/.well-known/acme-challenge/Test_File-1234
[please be sure to NOT use any extension type on the file]
Thanks for your response.
After some further investigation, we found where the issue was caused.
Although configuration was well and unchanged, the IIS failed to serve the binding for port 80, and this way the access to the virtual directory .well-known failed too for this port So only port 443 was served. It was a malfunction of the IIS, not a firewall issue (neither external nor internal).
The solution was to restart the server (IIS service restart may have been enough).
After the restart it was working as expected. A very weird issue.
But anyway, thanks again.