OK. I cannot reach that URL. I get the same "Connection Refused" which means something is not allowing that request to reach the certbot standalone server.
If you try that URL, does it work for you?
And, what does this show while the standalone is paused:
sudo netstat -pant | grep -i listen | grep 80
I stopped the application running on tomcat. Should I restart it?
The certbot standalone server should show as listening on port 80 while it is paused. I don't have any ideas why it would not show up. Sorry. Makes no sense to me.
You should be seeing something like this. It is a python script so that is the name
tcp6 0 0 :::80 :::* LISTEN 9320/python3
That may require using a second SSH connection.
[so that you don't stop the certbot command]