It produced this output:
2022/06/23 10:47:57 Could not obtain certificates:
error: one or more domains had a problem:
[nooqgolf.com] acme: error: 400 :: urn:ietf:params:acme:error:connection :: 188.8.131.52: Timeout during connect (likely firewall problem)
I have AWS S3 for redirecting the root domain nooqgolf.com to www.nooqgolf.com, but it is causing issues when trying to renew. I have tried disabling the S3 bucket redirect but am still getting timeouts trying to renew or create a new cert.
My web server is (include version): Apache/2.4.51 (Unix)
The operating system my web server runs on is (include version): Debian GNU/Linux 10 (buster).
My hosting provider, if applicable, is: AWS EC2
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): lego 4.7.0
--tls is telling Lego to use the TLS-ALPN-01 challenge, which is a special protocol negotiated for Let's Encrypt validation purposes.
The problem is that S3 doesn't support this challenge type and the S3→EC2 redirect doesn't work for this challenge type because it's not based on HTTP.
What you will have to use is the HTTP-01 challenge, which you can do by replacing --tls with --http. What --http does is ask Lego to run a local webserver, which should be enough to make things work. You will need to re-enable your S3 redirect first.
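An added example, not part of the original thread: a small offline check of whether a root-to-www redirect like the one described above is one an HTTP-01 validator will follow. The redirect limits encoded here (at most 10 hops, http/https only, ports 80 or 443, no IP-address targets) come from Let's Encrypt's challenge documentation rather than this thread; the function names, `example.com` hosts, token and redirect maps are constructed for illustration.

```python
from ipaddress import ip_address
from urllib.parse import urljoin, urlsplit

MAX_REDIRECTS = 10                       # HTTP-01 follows at most 10 redirects
ALLOWED_PORTS = {80, 443}                # and only to these ports
PREFIX = "/.well-known/acme-challenge/"  # path the validator requests


def check_hop(url):
    """Return None if a redirect target is acceptable for HTTP-01, else a reason."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return f"scheme {parts.scheme!r} is not http/https"
    port = parts.port or (443 if parts.scheme == "https" else 80)
    if port not in ALLOWED_PORTS:
        return f"port {port} is not 80 or 443"
    try:
        ip_address(parts.hostname or "")
    except ValueError:
        return None                      # a hostname, which is what we want
    return "redirect target is an IP address, not a hostname"


def trace_http01(domain, token, redirects):
    """Walk a constructed {url: Location} map from the challenge URL.

    Returns (final_url, problem); problem is None when the chain is usable.
    """
    url = f"http://{domain}{PREFIX}{token}"
    for _ in range(MAX_REDIRECTS + 1):
        if url not in redirects:         # no further redirect: this host must answer
            if not urlsplit(url).path.endswith(PREFIX + token):
                return url, "redirect dropped the challenge path"
            return url, None
        url = urljoin(url, redirects[url])   # Location may be relative
        problem = check_hop(url)
        if problem:
            return url, problem
    return url, "more than 10 redirects"


# Constructed sample data: a path-preserving root -> www redirect, and two
# misconfigurations that would make HTTP-01 validation fail.
TOKEN = "constructed-token"
START = f"http://example.com{PREFIX}{TOKEN}"
GOOD = {START: f"http://www.example.com{PREFIX}{TOKEN}"}
DROPS_PATH = {START: "http://www.example.com/"}
BAD_PORT = {START: f"http://www.example.com:8080{PREFIX}{TOKEN}"}
```

With `GOOD`, the trace ends on the www host, which is where the webserver started by `--http` has to be reachable on port 80.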