Certbot failing and claiming a firewall issue

Glad at least 443 is working now. It was not open earlier when I only saw port 22.

Yes, your local network test was not reaching your Apache and was being rejected by whatever micro_httpd is. Maybe something like a router admin interface?

Without port 80 you have either DNS Challenge or TLS-ALPN which uses port 443 only.

Apache supports TLS-ALPN with the mod_md feature. It's quite easy to use. See more details below and then of course the Apache docs. I did one as a test a few months back and had it working inside like 10 minutes and that included reading mod_md docs.

I don't have time anymore tonight to post more but it is worth a look. Probably easier than automating a DNS Challenge.

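A minimal mod_md setup for the TLS-ALPN route mentioned above, as an added example that is not part of the original post. The domain `example.org`, the contact address and the document root are placeholders, and it assumes mod_md, mod_ssl and mod_watchdog are available in your Apache build.

```apache
# Constructed example: example.org, the e-mail address and the paths are placeholders.
# Assumes mod_md, mod_ssl and mod_watchdog are loaded
# (on Debian/Ubuntu: a2enmod md ssl).

# mod_md will not request a certificate until the CA's terms are accepted.
MDCertificateAgreement accepted
MDContactEmail admin@example.org

# Port 80 is not reachable, so restrict mod_md to the challenge that
# runs entirely over 443 instead of letting it try http-01.
MDCAChallenges tls-alpn-01

# The validation handshake negotiates the "acme-tls/1" ALPN protocol.
# If it is missing from Protocols, the CA's probe on 443 is refused and
# the challenge fails even though the port is open.
Protocols http/1.1 acme-tls/1

# Managed domain; the name must match ServerName/ServerAlias of a vhost.
MDomain example.org

<VirtualHost *:443>
    ServerName example.org
    DocumentRoot /var/www/example

    SSLEngine on
    # No SSLCertificateFile / SSLCertificateKeyFile here:
    # mod_md supplies the certificate and key for managed domains.
</VirtualHost>
```

After the first start, mod_md obtains the certificate in the background and activates it on the next graceful restart, so check the error log for the mod_md message that a certificate is ready and then reload Apache.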