I am experiencing the same issue at debrog.net (also nginx). My certifcate expired on 8/29/2021, and I can't seem to get a new one:
Which names would you like to activate HTTPS for?
1: debrog.net
2: mail.debrog.net
3: www.mail.debrog.net
4: www.debrog.net
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Requesting a certificate for debrog.net and 3 more domains
Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: debrog.net
Type: connection
Detail: Fetching http://debrog.net/.well-known/acme-challenge/bFcmJAs8CUtnuVJtMonZlsaWRjZ8nR7LBLCYjWLEj9E: Timeout during connect (likely firewall problem)
Domain: mail.debrog.net
Type: connection
Detail: Fetching http://mail.debrog.net/.well-known/acme-challenge/CW-1dZ2G6q_iYSzYcMi1qVJjYW3NLIcsFVUMD9KrQgs: Timeout during connect (likely firewall problem)
Domain: www.debrog.net
Type: connection
Detail: Fetching http://www.debrog.net/.well-known/acme-challenge/NQ_PND37fHxUB4jOtEwPHLFEJQjUYap7aINRWfIVOVo: Timeout during connect (likely firewall problem)
Domain: www.mail.debrog.net
Type: connection
Detail: Fetching http://www.mail.debrog.net/.well-known/acme-challenge/_EEMpLTGDErW5VjY_86dHhhdHmYQNeTVkUamG_QXB9Q: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.