lsof -i as an additional check that port 443 is actually being listened on and what listens on it is a webserver. Actually, since you are using standalone, the client itself would be your “webserver”, so it should in theory work. Unless of course 443 is already in use by another process but I’d imagine that in this case certbot would have shown another error. In any case - double check ports and processes.