I don’t know where those numbered files are coming from on your system. There shouldn’t be a bunch of files there at all, as far as I know (your system looks different from any of mine, I honestly don’t know what is happening there).
@Joe well some of us like the folk here like to do stuff differently - however I can see he is coming from Debian - he does create issues for him self - already solved - so I would be quiet touchy to even reply… which you did… any modifications to any config files - user should pass them into forum posts regardless - otherwise is just hi - I do not know what happen = hi, log files?
I have also external DNS, but let Bind run, so for good example for the dns to set external.
Also DKim is working then , sofar ik know this isn’t working ( in default setting) VMIN if DNS on the box is off.
Don’t know for this on LAN, for outbound IP’s but if done right it should.
IS “aster.ds.org” the maincert you use also for services as vmin and more?
I can’t help while no debian.
But those above if you are using for mail i think you better have also DKim working if possible.
I you have to run letsencrypt more times then some timings (dns, or even traffic / connection to your box) ! ( or hickups letsencrypt itself sometimes there are)
Is this with newly created virtualservers / domains ? Then the dns resolving time maybe…
(Oyea if you use (local) box or one that is with IPV6 also connected and no fixed IPV6 but DHCP it can takes some time before the IPV6 connections are there and you have one from a provider, here with al local Fiber provider this could take to 20 Minutes , so if your box is local and using internet provider then this could also be the problem for those delay, problems, often we get a other ipv6 on that line, we have a fixed on bussiness cable line)