Hi _az
thanks for your information, before proceed the step provided by you, i read Certbot renewal fails with "The client lacks sufficient authorization" error look like http-01 validation request was coming from an IPv6 address.
ours DNS server only configure IPv4, if this is one of the requirement to achieve http-01 method renew SSL certificate, then i will stick to dns-01.
who manage assist to verify on above query ( http-01 validation request was coming from an IPv6 address, not ipv4)
thanks