CentOS 8 - Let's Encrypt Validation Fails

On my CentOS 8 installation, I’m not able to be successfully verified for Let’s Encrypt requests.

The error:

The following errors were reported by the server:

Domain: www.example.com
Type: unauthorized
Detail: Invalid response from
http://www.example.com.com/.well-known/acme-challenge/Eev8PexxxxxxxxxxxIrPy72-ZEChWnMVVJi7eJzog
[157.245.176.53]: "\n\n403 Forbidden\n\nForbidden\n<p"

Domain: example.com
Type: unauthorized
Detail: Invalid response from
http://example.com/.well-known/acme-challenge/4lERJ99YPYxxxxxxxxxxx6kQgbPuY8wrZxmhBg
[157.245.176.53]: "\n\n403 Forbidden\n\nForbidden\n<p"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

On my freshly installed CentOS 7 server, I can request an SSL successfully without any additional modifications to DNS. I’ve only changed the @ and www records to point to the server IP, which makes me conclude it’s a CentOS 8 setup issue.

Don’t guess, check.

Make sure when you look up your domain name, you get the IP of your server.

Make sure you can browse to that URL (the .well-known one). Some apps suck up requests, and you might need to modify the htaccess file, or Apache config to not proxy/redirect for requests to that path. If you don’t know why it’s failing, check the error and access log for that domain.

1 Like

My A records and NS records were pointed properly.

What fixed it for me was manually creating a folder in my web’s root called: .well-known.

The SSL request was now successful!

Thanks for your help.

1 Like
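The checks suggested in the thread (does the challenge directory exist, and can the web server serve from it) can be scripted. The following is an added example, not code from any poster or from Let's Encrypt; `check_acme_webroot` is a hypothetical helper name, the optional base URL is supplied by the caller, and it assumes the web server reaches the files through the "other" permission bits.

```shell
#!/bin/sh
# Added example: pre-flight check of the HTTP-01 challenge directory.
# Usage: check_acme_webroot /path/to/webroot [http://your.domain]
# Return codes: 0 ok, 1 directory missing, 2 webroot missing,
#               3 directory not traversable, 4 probe not served over HTTP.
check_acme_webroot() {
    webroot=$1
    base_url=${2:-}     # optional; enables the live HTTP check
    [ -d "$webroot" ] || { echo "MISSING webroot: $webroot"; return 2; }
    path=$webroot
    for part in .well-known acme-challenge; do
        path=$path/$part
        [ -d "$path" ] || { echo "MISSING directory: $path"; return 1; }
        # 10th character of the ls mode string is the "other" execute bit
        other_x=$(ls -ld "$path" | cut -c10)
        case $other_x in
            x|t) ;;
            *) echo "NOT TRAVERSABLE by other users: $path"; return 3 ;;
        esac
    done
    echo "OK: $path exists and is traversable"
    [ -n "$base_url" ] || return 0
    # Live check: publish a probe file and fetch it the way the CA would.
    probe="probe-$$"
    echo "$probe" > "$path/$probe"
    chmod 644 "$path/$probe"
    body=$(curl -s --max-time 10 "$base_url/.well-known/acme-challenge/$probe") || body=""
    rm -f "$path/$probe"
    [ "$body" = "$probe" ] || { echo "HTTP fetch did not return the probe"; return 4; }
    echo "OK: probe served over HTTP"
}

# Constructed demo on a throwaway directory (not a real webroot).
demo=$(mktemp -d)
check_acme_webroot "$demo" || true          # reports the missing .well-known
mkdir -p "$demo/.well-known/acme-challenge"
chmod 755 "$demo/.well-known" "$demo/.well-known/acme-challenge"
check_acme_webroot "$demo" || true          # now passes the filesystem checks
rm -rf "$demo"
```

If the filesystem checks pass but the live check returns 4, the error and access logs for that domain are the next place to look, as the reply above says.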