Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command: sudo certbot --nginx -d udaraw.com
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for udaraw.com
Waiting for verification...
Challenge failed for domain udaraw.com
http-01 challenge for udaraw.com
Cleaning up challenges
Some challenges have failed.
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): nginx version: nginx/1.10.0 (Ubuntu)
The operating system my web server runs on is (include version): ubuntu 16.04
When using the nginx authenticator, you don't create the .well-known folder because the nginx authenticator adds an exception to your webserver configuration.
You can sometimes get away with having a broken IPv6 address.
Usually this is when the IPv6 address just times out and does not respond at all. In these cases, Let's Encrypt will fall back to the IPv4 address, if available.
However, broken IPv6 addresses will definitely cause trouble if an error occurs at any moment after a connection is successfully established, or if the IPv4 address does any form of HTTP redirect.
In general, yes, the OP should fix their IPv6 address, but I'm skeptical on whether it's the root cause here.
For what it's worth I only tried enabling ipv6 because I read in some other threads that I might need to enable it to fix this issue. So it was failing before as well. I'll fix up the ipv6 configuration today, but don't think that's the root cause either
Try _az's first suggestion. It's only a starting point to test a theory, I think. If it doesn't help, I'm suspecting that something in your nginx configuration may possibly be interfering with the exception being placed by certbot.
You might want to delete the .well-known directory.