Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Is there a reason why you've used --config-dir, --work-dir and --logs-dir? Those are usually not set for normal operation.
Also, I notice you've used the manual plugin. As the manual plugin without an authentication script (which would have been used with aid of --manual-auth-hook) requires manual intervention and as certbot renew assumes no manual intervention at all, this won't work anyway. Is there also a reason why you're using the dns challenge? Isn't it possible to use the http-01 challenge? You're not requesting a wildcard certificate which mandates the dns-01 challenge. Perhaps due to the use of Sisense Server?
You might succesfully renew when you use those directory options in combination with the renew subcommand, but that won't work due to the use of the manual plugin without an authentication script.
Perhaps you can use the webroot plugin in combination with Sisense Server?
Thanks a lot.
I possess a very basic knowledge of certbot and its plugins. I'm not the author of the certbot command above.
I don't know why manual is used. I believe we can do without it after reading its description. dns challenge is used cause of Sisense Server, but I assume it's not a stopper for renewal?
I think the best thing to do now is to create a new cert, preferably with options/plugins that don't prevent renewal.
I'll check webroot plugin out.
If the Sisense Server isn't able to serve a random file (i.e., a token file generated by certbot) from a certain directory on your website, you'll need the dns challenge indeed.
If you can't automate the adding and removing of the TXT records through a script or a DNS plugin and you're limited by the dns challenge due to your webserver, you won't be able to fully automate renewal. You're stuck with running certbot manually every time you need to renew.
Depending on the possibilities of your Sisense server you might not be able to use webroot, but it's best to check it out indeed.
If you don't have the possibiliy to automate the adding and removing of the TXT records to your DNS zone, you might want to have a look at acme-dns which is, among others, build for such situations.