Certbot not creating acme-challenge folder
The problem was the nginx configuration.I replaced my long configuration files with the simplest config possible:
server { listen 80; server_name domain.com www.domain.com git.domain.com; root /var/www/domain/;}
Then I was able to issue new certificates.
The problem with my long configuration files was (as far as I can tell) that I had the these lines:
location ~ /.well-known { allow all;}
But they should be:
location ~ /.well-known/acme-challenge/ { allow all;}
Now the renewal works, too.
I had a similar issue. My problem was, that I had this rule:
location ~ /\. { access_log off; log_not_found off; deny all; }
these lines where canceling every acces to any directory starting with a "." (point)
For some strange reason (I think the certbot script changed in some way), I was not able in any way to renew the certificates. I found this thread that finally helped me after almost 4 hours of research:
https://community.letsencrypt.org/t/solved-invalid-response-403-forbidden/64170/13
hope it helps somebody else.
The trick is to add this in the apache config :
DocumentRoot /var/lib/letsencrypt/http_challenges <Directory /var/lib/letsencrypt/http_challenges> Allow from All </Directory>
Hope it works for someone else!