When installing a free Let’s Encrypt SSL certificate for your WordPress website, Really Simple SSL will by default handle the authorisation with a directory challenge. A file with a key will be created in the .well-known/acme-challenge directory. This is the easiest method, and can be handled automatically in most cases.
In some situations, this is not possible. For example if you need a wildcard SSL certificate (for multisite) or if your hosting provider blocks the creation of the directory and file, or if the request to this file by Let’s Encrypt is blocked by your hosting company. If it’s not possible to remove this block, or if you need a wildcard, you can switch to DNS verification. Please note that this will only work automatically if you’re on cPanel, and your hosting provider allows the use of the cPanel api for DNS edits. If this is not the case, you can add the TXT records to your DSN configuration manually. Please note that you will need to do this every 90 days for the renewal as well!