Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:www.fhhs.kh.edu.tw
I ran this command:certbot certonly --manual --csr C:\resin-4.0.44\keys\gryffindor.csr --preferred-challenges "http"
It produced this output:
2021-12-28 08:43:44,373:INFO:certbot._internal.auth_handler:Challenge failed for domain www.fhhs.kh.edu.tw
2021-12-28 08:43:44,373:INFO:certbot._internal.auth_handler:http-01 challenge for www.fhhs.kh.edu.tw
2021-12-28 08:43:44,373:DEBUG:certbot._internal.display.obj:Notifying user:
Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
Domain: www.fhhs.kh.edu.tw
Type: connection
Detail: Fetching https://www.fhhs.kh.edu.tw/.well-known/acme-challenge/96PmgxVANC9WmDwa_3mce_EQaqMk2wTccoG0cYs5L0M: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the manually created challenge files. Ensure that you created these in the correct location.
My web server is (include version):resin-4.0.44
The operating system my web server runs on is (include version):Windows Server 2012 R2 Standard
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot version: 1.19.0
Update: @fhhs Earlier today when I quickly looked at your problem your server was sending an expired certificate but it was sending a complete chain. Now, you are sending just the server "leaf" certificate but not the chain. You should restore the setting that sent the whole chain but using your new certificate (from fullchain.pem). You can view your cert and chain with a site like this: https://decoder.link/sslchecker/www.fhhs.kh.edu.tw/443