Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command:
sudo certbot renew --dry-run
It produced this output:
Simulating renewal of an existing certificate for solar.schamschula.com and 2 more domains
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Detail: 220.127.116.11: Invalid response from http://solar.schamschula.com/.well-known/acme-challenge/qx-76It5n3HJ1u7PYkHAAGcXU_nTd8i1PM20XxU9Gf4: 403
Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.
Failed to renew certificate temp3 with error: Some challenges have failed.
All simulated renewals failed. The following certificates could not be renewed:
1 renew failure(s), 0 parse failure(s)
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
My web server is (include version):
Name : apache24
Version : 2.4.54
The operating system my web server runs on is (include version):
FreeBSD mars 13.1-RELEASE-p2 FreeBSD 13.1-RELEASE-p2 GENERIC amd64
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):
Note: test.schamschula.com was added to work around a renewal problem. I would like to get rid of it along with solar.schamschula.com (which I haven't actively used in several years). The only cert that should remain is wx.schamschula.com.