That means Let’s Encrypt couldn’t reach the validation file on your server. Assuming DNS is pointed to the right address and the host is responding to web requests, you likely have a redirect, a web app, or something else sucking up the request before it gets to the file.
So, put a test file in the public_html/.well-known/ directory and try to reach it. Then figure out what’s preventing you from reaching it (it’ll be either a redirect, a proxy rule, or something in your htaccess or web server config) and fix it so you can reach files in that directory. If it’s a redirect or a proxy rule, you can usually just exclude .well-known from whatever match you’re doing (Virtualmin automatically does that for rules it sets up, generally, but if you’ve got an htaccess for an application you installed yourself it probably needs tweaking).
I also just had an issue with Let’s Encrypt… while creating a new Virtual Host:
Changing IP address of virtual website …
… done
Creating SSL certificate and private key …
… done
Adding new SSL virtual website …
… done
Requesting a certificate for example.net, www.example.net from Let’s Encrypt …
… SSL website failed! : Failed to lock file /etc/apache2/mods-available/ssl.conf after 5 minutes. Last error was : Locked by PID 15707 at /usr/share/webmin/web-lib-funcs.pl line 1495.