Hello @Osiris,
I've just tested it (using staging) with a site with permanent redirect from http to https, and the served certificate for this site is self-signed, also, it is not valid for the tested domain and I've received the same error but the certificate was created with success.
2015-12-16 14:34:33,295:ERROR:acme.challenges:Unable to reach http://lots.sahsanu.com/.well-known/acme-challenge/3xl2ZY-HE55XeIDnpna5hEedGi2Z7uq32L8_QlZUSMI: bad handshake: Error([('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')],)
2015-12-16 14:34:33,295:WARNING:letsencrypt.plugins.manual:Self-verify of challenge failed.
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/lots.sahsanu.com/fullchain.pem. Your cert
will expire on 2016-03-15. To obtain a new version of the
certificate in the future, simply run Let's Encrypt again.
- If you like Let's Encrypt, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
So seems the certificate is created even with that error.
Cheers,
sahsanu