When setting up BBB, you have the option of using an HTTP or DNS challenge to verify domain ownership with Let’s Encrypt. While HTTP verification is more convenient, certbot may not be able to write to the well-known acme-challenge directory to place the token which then can be read by accessing the URL:
http://<YOUR_DOMAIN>/.well-known/acme-challenge/<TOKEN>
An alternative is to use DNS as a challenge-response mechanism.
Using Certbot DNS-01 Challenge.
To use the DNS challenge, request a certificate using the parameters shown below:
certbot -d your.domain.com --manual --preferred-challenges dns certonly
You will see a request to create a DNS entry with the supplied token.
Create a TXT record in your public DNS server’s zone and add the token as the text string.
When finished, wait a few minutes then press enter to continue.