Ok @szaimen, I found the logs and it has some good information in them. Here is the error that seems to be spamming in the logs…
{"level":"error","ts":1679690023.5662751,"logger":"tls.on_demand","msg":"renewing certificate on-demand failed","subjects":["MY_DOMAIN"],"not_after":1679257519,"error":"context canceled"}
{"level":"error","ts":1679690193.7384763,"logger":"tls.renew","msg":"could not get certificate from issuer","identifier":"MY_DOMAIN","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 429 urn:ietf:params:acme:error:rateLimited - Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/"}
{"level":"error","ts":1679690193.738527,"logger":"tls.renew","msg":"will retry","error":"[MY_DOMAIN] Renew: [MY_DOMAIN] creating new order: attempt 1: https://acme-v02.api.letsencrypt.org/acme/new-order: HTTP 429 urn:ietf:params:acme:error:rateLimited - Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/failed-validation-limit/ (ca=https://acme-v02.api.letsencrypt.org/directory)","attempt":1,"retrying_in":60,"elapsed":0.212885773,"max_duration":2592000}
{"level":"error","ts":1679690254.9450939,"logger":"http.acme_client","msg":"challenge failed","identifier":"MY_DOMAIN","challenge_type":"http-01","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"MY_IP: Fetching http://MY_DOMAIN/.well-known/acme-challenge/chD3aHnFeB4w--3qW3tMoADzyN2xkvIqlxO3NhhdClY: Connection refused","instance":"","subproblems":[]}}
{"level":"error","ts":1679690254.9451282,"logger":"http.acme_client","msg":"validating authorization","identifier":"MY_DOMAIN","problem":{"type":"urn:ietf:params:acme:error:connection","title":"","detail":"MY_IP: Fetching http://MY_DOMAIN/.well-known/acme-challenge/chD3aHnFeB4w--3qW3tMoADzyN2xkvIqlxO3NhhdClY: Connection refused","instance":"","subproblems":[]},"order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/81428273/7926873484","attempt":1,"max_attempts":3}
{"level":"error","ts":1679690254.9451604,"logger":"tls.renew","msg":"could not get certificate from issuer","identifier":"MY_DOMAIN","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acme:error:connection - MY_IP: Fetching http://MY_DOMAIN/.well-known/acme-challenge/chD3aHnFeB4w--3qW3tMoADzyN2xkvIqlxO3NhhdClY: Connection refused"}
{"level":"error","ts":1679690254.9451969,"logger":"tls.renew","msg":"will retry","error":"[MY_DOMAIN] Renew: [MY_DOMAIN] solving challenge: MY_DOMAIN: [MY_DOMAIN] authorization failed: HTTP 400 urn:ietf:params:acme:error:connection - MY_IP: Fetching http://MY_DOMAIN/.well-known/acme-challenge/chD3aHnFeB4w--3qW3tMoADzyN2xkvIqlxO3NhhdClY: Connection refused (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":2,"retrying_in":120,"elapsed":61.419555373,"max_duration":2592000}
{"level":"error","ts":1679690283.5189333,"logger":"tls.on_demand","msg":"renewing and reloading certificate","server_name":"MY_DOMAIN","subjects":["MY_DOMAIN"],"expiration":1679257519,"remaining":-432674.518206875,"revoked":false,"error":"context canceled"}