Cert renewal failing

Not sure if something changed recently… nothing on my end (that I can think of). But recently the certificate renewal started failing for our one site.
The “Test” completes successfully:
Application Pool: Configuration Override Enabled
Http Challenge Server process available.
Verified URL is accessible http://mydomain/.well-known/acme-challenge/configcheck

but “Request Certificate” is failing with "Validation of the required challenges did not complete successfully. Validation failed: mydomain [dns]. During secondary validation, timeout during connect."

However, I created a “test.txt” file in the acme-challenge folder and can access it externally. Any tips? I don't see any “Deny” actions in the firewall log either.

You are most likely using a security product or firewall that has geographic filtering or IP range filtering. Let’s Encrypt are simply not able to connect to your server from some locations they use for their validation.

See Info: Let's Encrypt Secondary Validation Failures for HTTP domain validation
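
A server-side way to check the filtering explanation, as an added example that is not part of the original thread: it reads an IIS W3C access log and lists challenge tokens that were fetched from fewer distinct client IPs than expected, which is what upstream geographic or IP-range filtering would leave behind. The sample log, its addresses and tokens, the function names and the `min_sources` threshold are constructed assumptions.

```python
from collections import defaultdict

CHALLENGE_PREFIX = "/.well-known/acme-challenge/"

# Constructed sample IIS W3C log (documentation IP ranges, made-up tokens).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status
2024-01-10 08:00:01 10.0.0.5 GET /.well-known/acme-challenge/configcheck - 80 - 198.51.100.7 CertTool 200
2024-01-10 08:00:05 10.0.0.5 GET /.well-known/acme-challenge/tokenAAA - 80 - 203.0.113.10 Validator 200
2024-01-10 08:00:06 10.0.0.5 GET /index.html - 80 - 192.0.2.44 Browser 200
2024-02-10 08:00:05 10.0.0.5 GET /.well-known/acme-challenge/tokenBBB - 80 - 203.0.113.10 Validator 200
2024-02-10 08:00:05 10.0.0.5 GET /.well-known/acme-challenge/tokenBBB - 80 - 203.0.113.77 Validator 200
2024-02-10 08:00:06 10.0.0.5 GET /.well-known/acme-challenge/tokenBBB - 80 - 198.51.100.23 Validator 200
"""


def challenge_sources(log_text):
    """Map each challenge token to the set of client IPs that requested it."""
    fields, seen = [], defaultdict(set)
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            # Column order is declared by the log itself, so read it from here.
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        path = row.get("cs-uri-stem", "")
        if path.startswith(CHALLENGE_PREFIX) and "c-ip" in row:
            seen[path[len(CHALLENGE_PREFIX):]].add(row["c-ip"])
    return dict(seen)


def under_reached(log_text, min_sources=2, ignore=("configcheck", "test.txt")):
    """Tokens fetched from fewer distinct IPs than min_sources (assumed threshold).

    'ignore' skips local self-tests such as the configcheck and test.txt
    requests mentioned in the thread, which are not CA validation requests.
    """
    return sorted(token for token, ips in challenge_sources(log_text).items()
                  if token not in ignore and len(ips) < min_sources)


if __name__ == "__main__":
    print(under_reached(SAMPLE_LOG))
```

Behind a reverse proxy or load balancer, `c-ip` is the proxy's address, so run the same count against the proxy's own log instead.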