We are having issue validating the above domain (www.datacredito.com.co) and (stg1.datacredito.com.co). I work for Experian and we have 60 + domains on the certificate, the cert expires in 10 days, we need the cert renewed within 10 days.
We tried validating with URL redirect and DNS TXT record, but both did not work. The error says "Invalid"
Here is more detailed error message: 2025-08-21 16:22 GMTLet’s Encrypt: stg1.datacredito.com.co: DNS problem: query timed out looking up TXT for _acme-challenge.stg1.datacredito.com.co
2025-08-21 16:22 GMTLet’s Encrypt: www.datacredito.com.co: DNS problem: query timed out looking up TXT for _acme-challenge.www.datacredito.com.co
Can you provide your IP addresses so that we can whitelist because the DNS requires the IPs for the resolution of the records.
As Bruce noted, Let's Encrypt does not publish the list of IPs used for validation. There are currently 5 different validation centers around the world and these can change at any time.
Can you explain more why your DNS system blocks requests except for whitelisted IP addresses? That is very unusual. Especially given the large number of domain names in the cert which are for many locations around the world of your own. How do customers resolve those domains if you whitelist your DNS servers?
Can you also explain more about the use of that Let's Encrypt cert. I see a cert (https://crt.sh/?id=18812478000) which is probably the one you want to renew.
But, I checked several of the domain names and none I checked use that Let's Encrypt cert. They instead use a cert issued by Entrust or Sectigo.
Having a better understanding of your situation will allow us to give you the best advice.