Our company had a guy who issued Let’s Encrypt certificates for particular service using certes (Windows dotnet tool).
The guy has left company and now reissue the particular certificate is only possible from his machine (Windows PC). The same instructions from other PC - failed on VALIDATION stage
certes order validate https://acme-v02.api.letsencrypt.org/acme/order/[OrderId]/[OrderId] domainexample.com dns
The error is 100% inadequate - it tells, that TXT record Incorrect (this is not true).
Error looks like
“Incorrect TXT record “CKWdcTbGXXx3h…etc” found at _acme-challenge.domainexample.com”
I am not an expert in certification, but I suppose, that his computer either was bounded with the LE account/ the certificate, or contains some validation certificate/tool/private key etc which help to validate the issuing. I have found only LE Authority X3 certificate on his machine and exported it to other machine. No luck so far.