While trying to fix a bug on my server (or so I think), I tried several times to get certs with the test api.

I finally chose a solution, and run on the prod' api, while changing nothing on the server (I just erased the files created with the test api and suppress the "-s" from my command line).

The certs could not be created anymore.

letskencrypt: transfer buffer: [{ "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/qk30yIQMeQ6m-vrDqbsPYF7kS_qvlxjGeWZin7rxpvs/200241337", "token": "8Qk0RMRSHnW7nLzgjSQCi1OUYq3ATqAQ_cpSUpd3_cA", "keyAuthorization": "8Qk0RMRSHnW7nLzgjSQCi1OUYq3ATqAQ_cpSUpd3_cA.L4TPRmCy6xGjPSjU2Xzk1Yq6IDS9Z3hiv2ASxM1z42s" }] (335 bytes) letskencrypt: https://acme-v01.api.letsencrypt.org/acme/challenge/E4c3aP9ie4NCyIXYBg3LomYaNlFF1ycX6c6MJPZnPgQ/200241262: status letskencrypt: acme-v01.api.letsencrypt.org: cached letskencrypt: https://acme-v01.api.letsencrypt.org/acme/challenge/E4c3aP9ie4NCyIXYBg3LomYaNlFF1ycX6c6MJPZnPgQ/200241262: bad response letskencrypt: transfer buffer: [{ "type": "http-01", "status": "invalid", "error": { "type": "urn:acme:error:unauthorized", "detail": "Invalid response from http://www.22decembre.eu/.well-known/acme-challenge/WscTza4K92kl6v_Ikk87h4KrQ7NCjLltNklx1jPAGvU: \"\u003c!DOCTYPE html\u003e\n\u003chtml\u003e\n\u003chead\u003e\n\u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/\u003e\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\n\"", "status": 403 }, "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/E4c3aP9ie4NCyIXYBg3LomYaNlFF1ycX6c6MJPZnPgQ/200241262", "token": "WscTza4K92kl6v_Ikk87h4KrQ7NCjLltNklx1jPAGvU", "keyAuthorization": "WscTza4K92kl6v_Ikk87h4KrQ7NCjLltNklx1jPAGvU.L4TPRmCy6xGjPSjU2Xzk1Yq6IDS9Z3hiv2ASxM1z42s", "validationRecord": [ { "url": "http://www.22decembre.eu/.well-known/acme-challenge/WscTza4K92kl6v_Ikk87h4KrQ7NCjLltNklx1jPAGvU", "hostname": "www.22decembre.eu", "port": "80", "addressesResolved": [ "87.63.104.30", "2001:470:2099:e2::2" ], "addressUsed": "87.63.104.30" }, { "url": "https://www.22decembre.eu/.well-known/acme-challenge/WscTza4K92kl6v_Ikk87h4KrQ7NCjLltNklx1jPAGvU", "hostname": "www.22decembre.eu", "port": "443", "addressesResolved": [ "87.63.104.30", "2001:470:2099:e2::2" ], "addressUsed": "87.63.104.30" } ] }] (1406 bytes) letskencrypt: bad exit code: netproc(81652)

All my virtual hosts got their requests pending and the certs were not issued.

I tried once again with the test api. The hosts got their requests successfully valid and the cert was created.

I can't help much here. The error message is saying that the file can't be reached on your server---that's all I can tell you. Sorry! I haven't noticed that the "Let's Encrypt" callback sometimes bugs out (with other clients, before writing letskencrypt), but not enough to actually track down a problem.