The "secondary validation" in the error usually means you are blocking certain geographic regions from accessing your domain. And, using this test site shows that you are: Check website performance and response : Check host - online website monitoring
Let's Encrypt validates from a number of world-wide locations. You must be blocking one or more of these locations. Below is an excellent article about that and suggests options for you