Newly in Certbot 0.14, released yesterday, it is recommended to try the nginx plugin if you’re obtaining certificates with nginx.
sudo certbot --nginx -d example.com -d www.example.com
Since this plugin has not been widely used, it’s possible that it will have bugs which you can tell us about so we can fix them. However, it might be simpler than the webroot approach for nginx users in the future, because it’s more automated (and doesn’t require a webroot).
You will probably only have the new version if you’re using the autoupdated Certbot via something like
certbot-auto, so this suggestion may not apply to you yet if you installed Certbot from an operating system package.
@Nekit’s answer is also correct and is exactly what you might do if you decide to go ahead with the traditional webroot method.