You may want to investigate which TLS ciphers are enabled on the server, it looks like Hetzner API requires TLS 1.3 which may not be available
I usually use this tool to configure the available ciphers: Nartac Software - IIS Crypto
Note that the supported TLS Ciphers are an operating system configuration item and not within the scope of Certify The Web (which just gets and applies certificates).