Certbot - Unable to Pass Challenge - DNS A/AAAA Records Not Present for Domain

My domain is: chat.santacasavotuporanga.com.br

I ran this command: sudo certbot --nginx

It produced this output: Waiting for verification...
Challenge failed for domain chat.santacasavotuporanga.com.br
http-01 challenge for chat.santacasavotuporanga.com.br
Cleaning up challenges
Some challenges have failed.

Domain: chat.santacasavotuporanga.com.br
Type: unauthorized
Detail: Invalid response from
http://chat.santacasavotuporanga.com.br/.well-known/acme-challenge/3_wk8zjZBBXtYSDknIVZGYijauweveZUQSIgHv8RfhM
[167.249.56.66]: "Apache Tomcat/5.5.7 - Error
report<!--H1
{font-family:Tahoma,Arial,sans-serif;color:white;back"

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

My web server is (include version): Nginx

PLEASE HELP! :confounded:

1 Like

Hi @Lucas-Simoes-SI, and welcome to the LE community forum :slight_smile:

Please see: Let's Debug (letsdebug.net)
Which closely emulates the LE DNS verification process.
It seems your authoritative DNS servers:

santacasavotuporanga.com.br     nameserver = ns1.santacasavotuporanga.com.br
santacasavotuporanga.com.br     nameserver = ns2.santacasavotuporanga.com.br

are a bit too protective and aren't responding to the DNS requests from LE.
Do your DNS servers run Fail2ban or some sort of GeoLocation protection/blocking?

OR

There is no A, or AAAA, record defined in your zone:

nslookup chat.santacasavotuporanga.com.br ns1.santacasavotuporanga.com.br
Address:  162.241.52.169
Name:    chat.santacasavotuporanga.com.br

nslookup chat.santacasavotuporanga.com.br ns2.santacasavotuporanga.com.br
Address:  162.241.52.225
Name:    chat.santacasavotuporanga.com.br

Both requests come back empty!

1 Like

I find an IP address for santacasavotuporanga.com.br but not for the subdomain chat.santacasavotuporanga.com.br.
Check your DNS entries.
How did you create the subdomain?

2 Likes

Hello,

Sorry, I believe that at the time of the tests performed I was deleting the domain. But I created it again and the error persists. Could you help me?

Thanks

1 Like

I believe that at the time of the tests performed I was deleting the domain. But I created it again and the error persists.

1 Like

I find no subdomain chat.santacasavotuporanga.com.br.
Is it your own DNS server or do you have a service provider?
You must create an A record or an AAAA record DNS entry.

Can you ping chat.santacasavotuporanga.com.br?

2 Likes

I see an IP now:

Name:    chat.santacasavotuporanga.com.br
Address: 167.249.56.66

And this looks better: Let's Debug (letsdebug.net)

Are you still having a problem?

1 Like

Yes, I also :slight_smile:
Wait, in a short time certbot will find an IP.

1 Like

Hello,

Yes. The problem still persists.

1: chat.santacasavotuporanga.com.br


Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for chat.santacasavotuporanga.com.br
Waiting for verification...
Challenge failed for domain chat.santacasavotuporanga.com.br
http-01 challenge for chat.santacasavotuporanga.com.br
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

Unfortunately it persists.

The A/AAAA problem has been resolved.
This is now another problem:

certbot with --apache won't work with Tomcat.
You need to follow the instructions for Apache Tomcat.
This might be helpful: Problem with certbot/apache/tomcat - #38 by griffin
OR
Use --webroot authentication.
[if you can locate the site's document root folder]

1 Like

hello, rg305

I have this error now

Challenge failed for domain chat.santacasavotuporanga.com.br
http-01 challenge for chat.santacasavotuporanga.com.br
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: chat.santacasavotuporanga.com.br
   Type:   unauthorized
   Detail: Invalid response from
   http://chat.santacasavotuporanga.com.br/.well-known/acme-challenge/hQLGsjQ-qHU-Qp-gMBNWhveE2k2__BpxMgpuRFylimg
   [162.241.52.169]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML
   2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

Thanks in advance

1 Like

It may help if you take the time to understand what's going on:

  • Let's Encrypt asks your server (using certbot) to create a text file and serve it as part of your website; in the above case it wants to be able to see http://chat.santacasavotuporanga.com.br/.well-known/acme-challenge/hQLGsjQ-qHU-Qp-gMBNWhveE2k2__BpxMgpuRFylimg
  • This is a file served by your webserver, put there by certbot.
  • If it can't see that file, validation fails.

So the thing you need to check is, is certbot putting the file in the right place? Can your website server serve any files at all from /.well-known/acme-challenge/ - e.g. if you add a test file in there (not test.txt) can you browse to it yourself? e.g. http://chat.santacasavotuporanga.com.br/.well-known/acme-challenge/test. Make sure you are allowing /.well-known requests through to the file system.

Once you've solved that you can check you are giving certbot the correct file path for the root of your website.

2 Likes
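The test-file check described in the post above, written as an added example that is not part of the original thread: it drops a randomly named probe into `<webroot>/.well-known/acme-challenge/`, fetches it over HTTP, and reports whether the web server actually maps that URL path to that directory. The names `probe_webroot`, `serve` and `demo` are hypothetical, and the localhost server and temporary directories are constructed stand-ins for the real site.

```python
import http.server, os, secrets, tempfile, threading
import urllib.error, urllib.request
from functools import partial

def probe_webroot(base_url, webroot, timeout=5):
    """Write a probe file under the webroot and fetch it; returns (ok, detail)."""
    name = secrets.token_urlsafe(16)   # no extension, like a real ACME token
    body = secrets.token_urlsafe(32)
    chal_dir = os.path.join(webroot, ".well-known", "acme-challenge")
    os.makedirs(chal_dir, exist_ok=True)
    path = os.path.join(chal_dir, name)
    with open(path, "w") as f:
        f.write(body)
    url = f"{base_url}/.well-known/acme-challenge/{name}"
    # Ignore proxy settings: the point is to reach the server itself.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    try:
        with opener.open(url, timeout=timeout) as resp:
            got = resp.read().decode("utf-8", "replace")
        if got.strip() == body:
            return True, "probe served from this webroot"
        return False, "HTTP 200 but wrong body (another site or app answered)"
    except urllib.error.HTTPError as e:
        return False, f"HTTP {e.code}: this path is not served from the webroot"
    except (urllib.error.URLError, OSError) as e:
        return False, f"no HTTP answer: {e}"
    finally:
        os.remove(path)                # never leave probe files behind

def serve(directory):
    """Constructed stand-in for the real web server, bound to localhost."""
    handler = partial(http.server.SimpleHTTPRequestHandler, directory=directory)
    srv = http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, f"http://127.0.0.1:{srv.server_address[1]}"

def demo():
    """Probe once with the directory the server serves, once with a wrong one."""
    served, wrong = tempfile.mkdtemp(), tempfile.mkdtemp()
    srv, url = serve(served)
    try:
        return probe_webroot(url, served), probe_webroot(url, wrong)
    finally:
        srv.shutdown()
        srv.server_close()

if __name__ == "__main__":
    for ok, detail in demo():
        print("PASS" if ok else "FAIL", detail)
```

Against a real site, call `probe_webroot("http://your.domain", "/path/you/give/certbot")` on the server; a 404 or a body from a different application means the validation request is not reaching that directory.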

@Lucas-Simoes-SI, please post the output of:
sudo apachectl -t -D DUMP_VHOSTS

1 Like
