How did you wind up with OpenSSL 1.1.0b in /usr/include/openssl? Ubuntu 16.10 ships with 1.0.2g, i believe.
From past posts, the Python cryptography module (or at least the version used by certbot) may not be compatible with OpenSSL 1.1. You may be better off with 1.0.2: