Randomly one or many domain connections time out. Can’t renew the certificate now as always at least one domain times out. Last update 2 months ago was allright.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/www2.fully-kiosk.com/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
That could be a real server timeout as after server restart there are many waiting client requests arriving on Apache which make it slow for the first seconds.
I managed this by increasing server process numbers in /etc/apache2/mods-available/mpm_prefork.conf Then I could finally renew the certificate on the second attempt.
Is there a way to increase the connection timeout value for certification process by certbot?
I'm not sure that this is the same delay that you're thinking of but you might get what you want if you can change the time.sleep(3) here to a larger value.
I believe that is the one where Certbot has made changes to your Apache configuration to pass the challenges from the CA and is then waiting after restarting Apache. If it takes more than 3 seconds to start up, you might encounter problems here.
This value is currently not configurable in any configuration file and would require you to change the code in your locally installed copy of Certbot.