First of all, redacting your domain name just makes it harder for people to help you out. And it's listed in the link to the authorization details you posted anyway. 
"Connection refused" means just that, when trying to connect to your system it was refused, so Let's Encrypt's servers couldn't verify that you control it.
For details on how Let's Encrypt checks, and what you need to allow in order for them to validate you control the domain name, this may help you: