Several things, in your first post you said that you are executing this command from cron.
In that command you didn’y specify a SUBCOMMAND so it will try to use run by default (Obtain & install a cert in your current webserver), and don’t know if that is what you want. Before put such command in cron you should have tested it and know that it could run unattended. Also, which is the user that runs that command?, if it is root should be no problem but if it is another user that user should be able to run sudo commands.
You said that you also tried this command:
Which seems almost ok (there is no need to specify twice the domains, in command line and config file) to me but can’t run unnatended, you should use the following switchs to run unnatended
text. Also, you are using staging server that should be used for test, if you want to get real and valid certificates you should use
https://acme-v01.api.letsencrypt.org/directory as server.
Here my example config file.
rsa-key-size = 4096
server = https://acme-v01.api.letsencrypt.org/directory
email = email@example.com
authenticator = webroot
webroot-path = /path/to/your/webroot
domains = mydomain.tld,www.mydomain.tld
And with that file you should run this command to use it with certonly:
./letsencrypt-auto certonly --config /path/to/your/cli.ini
Once you have checked that all is configured as expected try to run previous command and see what the errors are because seems that letsencrypt cannot get the challenge that should be on
If you still have problems, use debug and verbose parameters to get more info about the error (also check /var/log/letsencrypt.log):
./letsencrypt-auto certonly --config /path/to/your/cli.ini --debug -vvvvv
If you still have issues you could let us know what is your actual domain so we can test whether we reach it from our side.