Tls-alpn-01 with acme4j -> unauthorized

Thinking out loud - does your TLS server implementation allow for multiple clients to fetch the TLS-ALPN certificate? Or will it stop working after a single client has requested it?

Let's Encrypt will connect to your server ~4 times and try to perform the TLS-ALPN challenge, from different IPs. (Background reading; ACME v1/v2: Validating challenges from multiple network vantage points).

I noticed in your screenshot that there's one ALPN handshake that succeeds, but then there are 3 more ClientHello messages from other IPs which do not appear to have responses.

Is it possible you're only allowing a single client to fetch the ALPN certificate and then you delete it?
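
The point raised in this reply, as an added example that is not part of the original post and not acme4j's own code: a TLS-ALPN-01 responder that keeps answering handshakes until the challenge is finalized, so every validation vantage point gets the certificate. The names `AlpnResponder`, `serve`, `challengeStore` and `pending` are hypothetical; the keystore is assumed to already hold the challenge key and validation certificate, and `pending` is assumed to report whether the ACME challenge is still unresolved.

```java
import java.io.IOException;
import java.security.KeyStore;
import java.util.function.BooleanSupplier;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;

public class AlpnResponder {
    static final String ACME_TLS = "acme-tls/1"; // ALPN protocol id from RFC 8737

    /**
     * challengeStore: key + self-signed validation certificate (assumed built by the caller).
     * pending: hypothetical callback, true while the challenge is neither VALID nor INVALID.
     * Returns the number of validation handshakes that were answered.
     */
    public static int serve(KeyStore challengeStore, char[] password, int port,
                            BooleanSupplier pending) throws Exception {
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(challengeStore, password);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null);

        int answered = 0;
        try (SSLServerSocket server =
                     (SSLServerSocket) ctx.getServerSocketFactory().createServerSocket(port)) {
            SSLParameters params = server.getSSLParameters();
            params.setApplicationProtocols(new String[] {ACME_TLS});
            server.setSSLParameters(params);
            server.setSoTimeout(1000); // wake up regularly to re-check the challenge status

            // Do not stop after the first handshake: each vantage point connects separately.
            while (pending.getAsBoolean()) {
                try (SSLSocket client = (SSLSocket) server.accept()) {
                    client.setSoTimeout(5000);
                    client.startHandshake();
                    if (ACME_TLS.equals(client.getApplicationProtocol())) {
                        answered++;
                        System.out.println("answered " + client.getRemoteSocketAddress());
                    }
                } catch (IOException e) {
                    // Accept timeout or a failed handshake from an unrelated client:
                    // neither may end the loop or discard the certificate.
                }
            }
        }
        return answered; // the challenge certificate is released only after this point
    }
}
```

The validation connections arrive on port 443 of the host being validated, so `port` must be reachable there (directly or through a forward).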