Just to confirm, that domain you registered currently points to the IP of the OpenEMR instance, right? If so…
My advice would be to change the domain to something known invalid, then re-up it and check the container logs on first start. Once you know how to check container logs (and you see where Let’s Encrypt failed to authenticate and make new certs) you can reset the domain to the proper state and do it a second time, now that you know where to look and what to look for, and then we’ll see what it has to say for itself.