Application using a tunnel to renew let's encrypt cert

I have a web application behind a tunnel and the lets encrypt cert as expired. I added a path for testdomain.com/.well-known and set the access to bypass. When my server tries to renew the cert it fails when it connects to http://testdomain.com/.well-known/acme-challenge/37678ejkhsjkdhkjd8dsd to access the cert. I have automatic https rewrites turned off and always use https turned off so it should be able to browse http without being secure. My server returns the message unauthorized when trying to go to the let’s encrypt test file.

Any help would be appreciated.

Thanks!