LE server (acme-v01.api.letsencrypt.org) dropping webroot or client connections?

I’m having strange things happening with simp_le and webroot authentication. This already worked, but I’m running into trouble when renewing. I’m also forwarding the verification (.well-known) requests from the actual server to the one where I’m running the client.

It looks like the acme server is dropping either the connections from the client, resulting in “Bad Status Line” errors, or the connections to my server - the connection closes before the forwarding nginx got a reply from the actual server containing the webroot.

Retrying a lot helped previously, but doesn’t feel like a good idea.