Ok, found the solution by Martynas in thread http://forum.directadmin.com/showthread.php?t=53238
Getting challenge for mywebsitename.com from acme-server...
Waiting for domain verification...
Challenge is valid.
Getting challenge for www. mywebsitename.com from acme-server...
Waiting for domain verification...
Challenge is invalid. Details: Invalid response from http://www.mywebsitename.com/.well-known/acme-challenge/7EL5bRwHpeoxH6cdURaR7NynqCM7VuJ9Uzg0oTPsqSU [178.18.87.86]: 404. Exiting...
I have this same issue. Here I'm trying to give a certificate to a sub-domain (main domain is elsewhere). Normally, this is valid. However, the letsencrypt.sh script automatically adds a second check for "www" with letsencrypt=2 set. This will never work, so it always fails.
Why does the script do this? DA does this, too. I manage to ignore it until this point.
Sub domains do not need www!
If it is requesting a www.$domain which doesn’t exists, I suggest:
Check the subject_AltName= variable in the relevant /usr/local/directadmin/data/user/$user/domains/$domain.san_config file and remove the DNS:www.$subdomain$domain entry from the list there.
After that renew or create your certificate.
Also with letsencrypt=2 set and DA version 1.50.1 installed,
To make sure it isn’t that issue, check if httpd- does NOT have an alias line for “/.well-known” listed.
If that entry is present it will clash with the letsencrypt=2 setting in the directadmin.conf file.
This is because it will also rewrite all $domain/.well-known/ url requests to the main document root in the filesystem which is precisely what you don’t want with letsencrypt=2 set.