Below are the responses!
Could you please share with us the following information?
The domains you are using to generate the certificates
test-pk.khaadi.com test-us.khaadi.com test-ca.khaadi.com test-ch2.khaadi.com
Do all those domains have the same configuration in your DNS provider?
All DNS names resolved for the mentioned IPs.
A CNAME entry also exists in the DNS entry.
Are you using any cache mechanism to access the information or do your domains point to the instance's IP directly?
Yes, we are using Varnish as the front-end cache and Redis as the back-end cache.
All of the services are hosted on Azure. The Magento application is running in an Azure VM Scale Set, the URLs are pointing to its public IP, and we have also configured Azure CDN.
Before using Bitnami's bncert tool for Let's Encrypt certificates, we configured HTTPS without certificates by manually adding virtual hosts.
Could not obtain certificates:
acme: Error -> One or more domains had a problem:
[khaadi.com] acme: error: 403 :: urn:ietf:params:acme:error:unauthorized :: Cannot negotiate ALPN protocol "acme-tls/1" for tls-alpn-01 challenge, url: