Just went through this and saw an older thread that was closed out where a community user had an issue with not being able to connect with HTTPS and LetsEncrypt. The error message will say,
“Failed authorization procedure. dns_name.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to ip_address_here”
Basically just get a rule added to your firewall. If using ufw, then at a terminal run ufw allow 443/tcp. After that, run ufw reload and, if you want, ufw restart. Then, to verify the rule is in place, run ufw status verbose and look for the 443.
*** HTTPS needs port 443 open ***
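
The verification step above, as an added example that is not part of the original post: a shell function that reads `ufw status verbose` output and reports whether inbound 443/tcp is allowed. The function name `check_443` and both sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Classify `ufw status verbose` text read from stdin.
# Prints: inactive (ufw is not filtering) | allowed | blocked
# Port ranges such as 400:500/tcp are not interpreted here.
check_443() {
  awk '
    /^Status: inactive/            { inactive = 1 }
    /^Default: allow \(incoming\)/ { allowed = 1 }   # default policy admits everything
    / ALLOW IN / {
      # First field is the port spec: 443, 443/tcp, 80,443/tcp ...
      proto = "any"
      if (split($1, p, "/") == 2) proto = p[2]
      if (proto != "tcp" && proto != "any") next
      n = split(p[1], ports, ",")
      for (i = 1; i <= n; i++) if (ports[i] == "443") allowed = 1
    }
    END {
      if (inactive)     print "inactive"
      else if (allowed) print "allowed"
      else              print "blocked"
    }'
}

# Constructed sample: the state that produces the connection error in the post.
SAMPLE_BEFORE='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere'

# Constructed sample: the same host after `ufw allow 443/tcp`.
SAMPLE_AFTER="$SAMPLE_BEFORE
443/tcp                    ALLOW IN    Anywhere
443/tcp (v6)               ALLOW IN    Anywhere (v6)"

# Constructed sample: ufw installed but not enabled.
SAMPLE_INACTIVE='Status: inactive'

# On a live host (needs root): ufw status verbose | check_443
```

A result of "inactive" means ufw is not the component blocking the connection, so look at any other firewall in front of the host.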