Simon J.K. Pedersen

@maccurt I just renewed a few of my own sites manually yesterday to see if I could reproduce the error. Unfortunately I cant. Have you tried to do the same?...

Hmm, looks like we can rule out that LE changed something, looked up some certificates issued around the same time as yours they all uses DST Root.

Okay now that is strange. You have the same setup as I do, on my websites that uses the other intermediate. I don't have any immediate ideas to what could...

I don't know why this happen for you, can you try to request a new certificate?

@kevin2078 I will try on US-East2 and see if it changes anything, it could be a issue with the web app servers that you are using. But really hard to...

@tdesmet did you use the Lets Encrypt staging environment? Sounds like that, when you get a certificate issued by Fake LE.

If you generate the client secret for the service principal from the portal should be aware that the default life-time is one year. So maybe the secret is simply expired....

Oh I can see from the other thread that you don't know how to check if the service principal certificate really is expired - you can use these powershell scripts...

Check that the service principal still have access to the resource group?

 Go to your resource group with the web site, and Click Acces Control (IAM) and use the Chekc Access Feature. If you know the name of your Service Principal/Application...