Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: www.sps-ionstd-san-sni-newprod-le-17.webexp-ipqa1.com
I ran this command: https://acme-v02.api.letsencrypt.org/acme/authz-v3/2453090296
It produced this output: Status is pending, but when we immediately request this again, it says Valid
My web server is (include version): N/A
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot):
Some domains were valid by ACMEv1, and when we switch over to ACMEv2, ACMEv2 authz link immediately returns valid, which seems to honor the domain validation from ACMEv1. But we also find some domains ACMEv2 requires for re-invalidate. The question is: does it base on some internal criteria such as how close to expiry? if it does, how close to expiry would trigger a re-validation?