Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open. (https://letsencrypt.org/)
When creating certificates using LetsEncrypt a folder called ".well-known" is created in the websites public folder (which is typically Drupal's root folder).
RewriteRule "(^|/)." - [F] in Drupal's default .htaccess file specifically prohibits files and folders starting with dots being accessed.
This causes LetsEncrypt to fail when issuing certificates and provide error messages about authorisation.
The best workaround is to add the line
RewriteRule "^.well-known/acme-challenge" - [L]
to .htaccess just above the rule
RewriteRule "(^|/)." - [F].
This would be a appropriate code change in line with Drupal project aims, especially "Open source: Stay committed to free software development, and build on and support other open source projects" .
It would be a very simple change which would send a strong message to the open source community.
If there is consensus that this is a worthy change I can create a patch for it.