You are getting “invalid response” because letsencrypt is obsolete since January of last year due to a security issue. letsencrypt-auto has replaced it and it works. I prefer to use certbot-auto which works with letsencrypt.
The manual is outdated regarding certbot/letsencrypt, and has not been updated since the change to the new “auto” version.
Here are the basic steps to get certbot-auto to grab a certificate for you:
- Go to the certbot website and grab certbot-auto via wget as per the instructions there. (You’ll need to place it in your /usr/bin folder, which should be in your path)
- On your router, make certain port 80 is port forwarded to the machine with NGinx on it.
- Disable your AAAA record on your domain, if it has one. There have been issues with ipv6 and certbot.
- Run certbot-auto with the --nginx option as per instructions for certbot.
- That should grab your certificates and put them in your NGinx config
- In your NGinx config, move the certificate lines to the proper section.
Here is a link to a thread where someone I helped to pull this off detailed what we did to get it to work: