The issue has begun popping up on other domains & servers too:
# INFO: Using main config file dehydrated.conf
Processing mattermost.netz.lt
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting new certificate order from CA...
+ Received 1 authorizations URLs from the CA
+ Handling authorization for mattermost.netz.lt
+ 1 pending challenge(s)
+ Deploying challenge tokens...
+ Responding to challenge for mattermost.netz.lt authorization...
+ Cleaning challenge tokens...
+ Challenge validation has failed
ERROR: Challenge is invalid! (returned: invalid) (result: ["type"] "http-01"
["status"] "invalid"
["error","type"] "urn:ietf:params:acme:error:dns"
["error","detail"] "During secondary validation: DNS problem: query timed out looking up CAA for mattermost.netz.lt"
["error","status"] 400
["error"] {"type":"urn:ietf:params:acme:error:dns","detail":"During secondary validation: DNS problem: query timed out looking up CAA for mattermost.netz.lt","status":400}
["url"] "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11469645477/m20_sg"
["token"] "h6j-24KXIcrudRowG5LtGeN97rw4kv3DiHmlRKrP9I4"
["validationRecord",0,"url"] "http://mattermost.netz.lt/.well-known/acme-challenge/h6j-24KXIcrudRowG5LtGeN97rw4kv3DiHmlRKrP9I4"
["validationRecord",0,"hostname"] "mattermost.netz.lt"
["validationRecord",0,"port"] "80"
["validationRecord",0,"addressesResolved",0] "45.9.60.98"
["validationRecord",0,"addressesResolved",1] "2a03:4000:45:232::1"
["validationRecord",0,"addressesResolved"] ["45.9.60.98","2a03:4000:45:232::1"]
["validationRecord",0,"addressUsed"] "2a03:4000:45:232::1"
["validationRecord",0] {"url":"http://mattermost.netz.lt/.well-known/acme-challenge/h6j-24KXIcrudRowG5LtGeN97rw4kv3DiHmlRKrP9I4","hostname":"mattermost.netz.lt","port":"80","addressesResolved":["45.9.60.98","2a03:4000:45:232::1"],"addressUsed":"2a03:4000:45:232::1"}
["validationRecord"] [{"url":"http://mattermost.netz.lt/.well-known/acme-challenge/h6j-24KXIcrudRowG5LtGeN97rw4kv3DiHmlRKrP9I4","hostname":"mattermost.netz.lt","port":"80","addressesResolved":["45.9.60.98","2a03:4000:45:232::1"],"addressUsed":"2a03:4000:45:232::1"}])
An error occured!
Here, it also occurs with dns-01 validation:
# INFO: Using main config file dehydrated.conf
# INFO: Running ../dehydrated/dehydrated as asterisk
# INFO: Using main config file dehydrated.conf
Processing asterisk.kiel.sembritzki.org
+ Checking domain name(s) of existing cert... unchanged.
+ Checking expire date of existing cert...
+ Valid till Apr 10 01:00:14 2021 GMT (Less than 31 days). Renewing!
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting new certificate order from CA...
+ Received 1 authorizations URLs from the CA
+ Handling authorization for asterisk.kiel.sembritzki.org
+ 1 pending challenge(s)
+ Deploying challenge tokens...
+ Responding to challenge for asterisk.kiel.sembritzki.org authorization...
+ Cleaning challenge tokens...
+ Challenge validation has failed
ERROR: Challenge is invalid! (returned: invalid) (result: ["type"] "dns-01"
["status"] "invalid"
["error","type"] "urn:ietf:params:acme:error:dns"
["error","detail"] "During secondary validation: DNS problem: query timed out looking up CAA for asterisk.kiel.sembritzki.org"
["error","status"] 400
["error"] {"type":"urn:ietf:params:acme:error:dns","detail":"During secondary validation: DNS problem: query timed out looking up CAA for asterisk.kiel.sembritzki.org","status":400}
["url"] "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11469645306/_h1GsQ"
["token"] "K-4Phc29j7oG7FkDI80t-i266hODTit_iE9A3MLtnNU"
["validationRecord",0,"hostname"] "asterisk.kiel.sembritzki.org"
["validationRecord",0] {"hostname":"asterisk.kiel.sembritzki.org"}
["validationRecord"] [{"hostname":"asterisk.kiel.sembritzki.org"}])
An error occured!
one more:
# INFO: Using main config file dehydrated.conf
Processing nextcloud.heinbockel.info
+ Checking domain name(s) of existing cert... unchanged.
+ Checking expire date of existing cert...
+ Valid till Apr 6 01:01:02 2021 GMT (Less than 31 days). Renewing!
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting new certificate order from CA...
+ Received 1 authorizations URLs from the CA
+ Handling authorization for nextcloud.heinbockel.info
+ 1 pending challenge(s)
+ Deploying challenge tokens...
+ Responding to challenge for nextcloud.heinbockel.info authorization...
+ Cleaning challenge tokens...
+ Challenge validation has failed
ERROR: Challenge is invalid! (returned: invalid) (result: ["type"] "http-01"
["status"] "invalid"
["error","type"] "urn:ietf:params:acme:error:dns"
["error","detail"] "During secondary validation: DNS problem: query timed out looking up A for nextcloud.heinbockel.info"
["error","status"] 400
["error"] {"type":"urn:ietf:params:acme:error:dns","detail":"During secondary validation: DNS problem: query timed out looking up A for nextcloud.heinbockel.info","status":400}
["url"] "https://acme-v02.api.letsencrypt.org/acme/chall-v3/11469649172/FnP2Yg"
["token"] "42i6CDgROMUzOigygiTGcH5dHbb4ZMghfH2n4mV0MZ8"
["validationRecord",0,"url"] "http://nextcloud.heinbockel.info/.well-known/acme-challenge/42i6CDgROMUzOigygiTGcH5dHbb4ZMghfH2n4mV0MZ8"
["validationRecord",0,"hostname"] "nextcloud.heinbockel.info"
["validationRecord",0,"port"] "80"
["validationRecord",0,"addressesResolved",0] "194.55.14.91"
["validationRecord",0,"addressesResolved"] ["194.55.14.91"]
["validationRecord",0,"addressUsed"] "194.55.14.91"
["validationRecord",0] {"url":"http://nextcloud.heinbockel.info/.well-known/acme-challenge/42i6CDgROMUzOigygiTGcH5dHbb4ZMghfH2n4mV0MZ8","hostname":"nextcloud.heinbockel.info","port":"80","addressesResolved":["194.55.14.91"],"addressUsed":"194.55.14.91"}
["validationRecord"] [{"url":"http://nextcloud.heinbockel.info/.well-known/acme-challenge/42i6CDgROMUzOigygiTGcH5dHbb4ZMghfH2n4mV0MZ8","hostname":"nextcloud.heinbockel.info","port":"80","addressesResolved":["194.55.14.91"],"addressUsed":"194.55.14.91"}])
An error occured!
These are errors from three different servers. All these domains have been in use and renewed for many times, without any issues. There were no recent changes.