We have a very strict firewall policy to block all AWS incoming traffic. We block all IPv4 ranges of AWS.
Due to the new multi-validation process, our certificate renewal requests fail on secondary validation.
Looking for info about it, I read that this secondary validation initiates on Amazon. I turned off our AWS firewall policy and everything works fine! All certificates renew in seconds.
I also read that Let's Encrypt will not provide IP addresses to whitelist on the firewall, to keep this new process more secure… so…
Is there any other workaround for this?
- Sorry if my English is not good.