Again issue with letsencrypt / certbot

It seems, I’ve get one step forward as follows:

  1. remove old certbot apt-get remove certbot
  2. add snapd apt-get install snapd
  3. load new certbot sudo snap install --classic certbot
  4. create a link, where virtualmin expect the file: sudo ln -s /snap/bin/certbot /usr/bin/certbot

Steps are described here at the certbot-page

This makes me able to run certbot without an fatal error, but it still don’t finish the validation. It output the following in my Custom-Command I’ve create to simulate a certification in --dry-run:

Ausgabe von virtualmin generate-letsencrypt-cert --domain citra.shop --staging ..
Requesting SSL certificate for citra.shop www.citra.shop ..
.. failed : Web-based validation failed : Requesting a certificate for citra.shop and www.citra.shop

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
  Domain: citra.shop
  Type:   unauthorized
  Detail: Invalid response from http://citra.shop/.well-known/acme-challenge/k7TAULIUjnLviFo72okPbgLJ1d5pKqObv4UrvaAEuBM [2001:4b99:1:253::9]: 404

  Domain: www.citra.shop
  Type:   unauthorized
  Detail: Invalid response from https://citra.co.za/.well-known/acme-challenge/AQ56EV_nymeR7cH0yWwITl0j2IgEZ97NRCodIqQ3QuM [2001:4b98:dc5:253::9]: 404

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
   DNS-based validation failed : Requesting a certificate for citra.shop and www.citra.shop

Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
  Domain: citra.shop
  Type:   unauthorized
  Detail: No TXT record found at _acme-challenge.citra.shop

  Domain: www.citra.shop
  Type:   unauthorized
  Detail: No TXT record found at _acme-challenge.www.citra.shop

Hint: The Certificate Authority failed to verify the DNS TXT records created by the --manual-auth-hook. Ensure that this hook is functioning correctly and that it waits a sufficient duration of time for DNS propagation. Refer to "certbot --help manual" and the Certbot User Guide.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

BTW:
Is there an implementation for a WildCard Certificate planed, where certbot needs an DNS-Entry? See
I’m not familiar with perl, but if I can I would help to create such an plugin… there are still some for many other ISP-Software: Certbot Plugins