It looks like somewhere in April or May bug was fixed but appear another one.
After rolling upgrade with authomatic Symbolic link to exesting letsencrypt certificate Windows Client could not establish VPN connection anymore.
Everything looks helsy but client exits with “IKE authentication credentials are unacceptable”
Evenlog on client contains “The user dialed a connection named IKEv2 VPN which has failed. The error code returned on failure is 13801.”
This error means
The error code 13801 when connecting to an IKEv2 VPN <mark>typically indicates an issue with the authentication credentials, specifically related to certificates</mark>. This often means the client computer doesn't trust the server certificate or the server certificate is not configured correctly.
Letsencrypt certificate looks fresh and helsy by himself. renew certbot exits because it is too early to renew.
it would be useful to forcibly renew certificate but there is no command options to make this.
Looks like we need addtional option to renew certbot directive to forcibly renew certificate just to check would it help or not.
Simple sudo certbot renew doesn’t help because do not understand existing configuration.