There is another possibility.
I used the Let's Debug test site against your hermes and even corp domain names yesterday trying to debug your problem with hermes cert.
One part of that site's test is to make a cert request on Let's Encrypt staging system. The request will fail of course since it cannot place the required challenge token on your server. But, it can identify comms problems or other server config issues.
The most common result, and the expected one, is 404 errors. Each test may result in as many as 4 http requests to your server. Let's Encrypt servers try these from varying IP addresses around the world.
My own tests won't explain the Sep1 or later Sep3 log entries but perhaps other volunteers tried Let's Debug as well when reviewing your previous problems.
You should see many of these on your hermes server log too. I continue to think requests to hermes are not getting to that server. You could try running Let's Debug test yourself and see if they show up in hermes access log.