I'm sorry to use such an old post, but it seems that I still have this error:
To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided.
I've just installed Let's Encrypt on my server, so I guess a have the last version.
RPY at home with internet access (no fixed WAN IP)
dynamic DNS with a provider (I've tried several)
sub domain name hosted by another provider, with a CNAME = the DDNS (difficult to change)
If I use only the DDNS instead of my sub domain, no error, certificate saved
If I change the CNAME with an A record with my IP directly, idem: no error, certificate saved.
But I could not have both to access my site.
I've also tried with my Synology with no success (but less info regarding the error)
For the time being, I'm stuck. Any advice please?
(I'm newbie with network, I've started with SSL certificate just a few days)