Certbot-auto: Client lacks sufficient authorization

Here we go again with LetsEncrypt and SSL certificates. The server is nginx and I am running a Ghost blog. I was reading this post on DigitalOcean since I was hosting there. I tried to follow the guide but it did not really work.

I don't have to go through all my problems but when issuing this command to create the certificate
sudo /opt/certbot-auto certonly --webroot -w /var/www/ghost -d blog.mydomain.com
it failed with a lot of code and "...client lacks sufficient authorization..."

This command creates the hidden folder .well-known in the web root.

sudo /opt/certbot-auto certonly --webroot -w /var/www/ghost -d blog.mydomain.com

Then it checks back with a http request on that folder. I was not even able to access a html file I put in that folder. So the problem seems to be on the nginx side.

I put this code in my site config file and restarted nginx. Voila! This fixed it.

location ~ ^/.well-known { root /var/www/ghost; allow all; }

Thanks to this post on letsencrypt that gave me the idea!