while thinking about Let’s Encrypt challenges I came up with the following problem which might happen:
Assume I want to update the TLS certificate which is not valid anymore (forgot to update in time). My web server is configured in a way that it redirects all HTTP traffic to HTTPS and sends a HSTS header. What happens now if I start the LE challenge? Will the LE side try to validate the TLS connection/certificate and will the challenge fail then?