If you’re running Apache web server and you have your site protected with HTTP authentication but still want to allow Let’s Encrypt/Certbot to be able to issue a certificate you will have to allow access to the .well-known folder on your site. Otherwise they may give you an error and fail to issue you a certificate.
You can allow access to individual folders within that site by creating a .htaccess file in the folder (in this case within the .well-known folder) with the following contents:
Allow from all
This will allow anyone to access that folder thus allowing Let’s Encrypt/Certbot to verify your domain and issue you a certificate.