使用certbot申请Let's Encrypt证书出错

按照文档操作的：https://certbot.eff.org/#cent...
但是下面的命令报错：

    [root@test ~]# certbot certonly --webroot -w /var/www/www.example.com -d example.com -d www.example.com
    
    Failed authorization procedure. example.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://example.com/.well-known/acme-ch
    <head><title>404 Not Found</title></head>
    <body bgcolor="white">
    <center><h1>404 Not Found</h1></center>
    <hr><center>", www.example.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.example.com/.well-known/acme-challenge/k
    <head><title>404 Not Found</title></head>
    <body bgcolor="white">
    <center><h1>404 Not Found</h1></center>
    <hr><center>"
    
    IMPORTANT NOTES:
     - If you lose your account credentials, you can recover through
       e-mails sent to example@example.com.
     - The following errors were reported by the server:
    
       Domain: example.com
       Type:   unauthorized
       Detail: Invalid response from
       http://example.com/.well-known/acme-challenge/wGNv57IGJjHQ9wyzzALktpNaPzfnTtN3m7u3QuO4p40:
       "<html>
       <head><title>404 Not Found</title></head>
       <body bgcolor="white">
       <center><h1>404 Not Found</h1></center>
       <hr><center>"
    
       Domain: www.example.com
       Type:   unauthorized
       Detail: Invalid response from
       http://www.example.com/.well-known/acme-challenge/kFJ0CSuKOdgcT2xmciB4GGNCcnUPoIbpQmA9jOII_Bk:
       "<html>
       <head><title>404 Not Found</title></head>
       <body bgcolor="white">
       <center><h1>404 Not Found</h1></center>
       <hr><center>"
    
       To fix these errors, please make sure that your domain name was
       entered correctly and the DNS A record(s) for that domain
       contain(s) the right IP address.
     - Your account credentials have been saved in your Certbot
       configuration directory at /etc/letsencrypt. You should make a
       secure backup of this folder now. This configuration directory will
       also contain certificates and private keys obtained by Certbot so
       making regular backups of this folder is ideal.

域名example.com和 www.example.com`可以正常访问。
在文档中有这样一个note：

Note:
To use the webroot plugin, your server must be configured to serve files from hidden directories. If /.well-known is treated specially by your webserver configuration, you might need to modify the configuration to ensure that files inside /.well-known/acme-challenge are served by the webserver.

不知是不是上面note说的原因，也不知道在哪里修改上面说的配置，请大神帮看看。