LE requires to access your website in http only that's why you have to exclude .well-knwon from the redirection so you can access your website using https and LE will access .well-known in http only.
I have just installed virtualmin successfully on my Centos 7 server, added LE certificate to my virtual servers and successfully redirect all http requests to https. How do I let LE access the .well-known folder in http after 2 months as you mentioned above?