Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
The --nginx option uses the HTTP Challenge method to prove you control that domain name. That requires an HTTP request from the Let's Encrypt server to be able to reach you from the public internet.
You may have changed things since posting this, but I can’t access this URL, or connect to your domain at all over HTTP. That probably means that your CA can’t either.
Maybe try from your phone or some other external device to see if you can hit that URL and troubleshoot from there.
Thanks for the responses! I finally managed to solve it, here were the issues/tells for reference:
I had enabled ports 80 and 443 both on the server and the router, as well as a higher port
This higher port accepted connections as expected
I could connect to port 80 via http to the server on my home network
Connections from outside were not accepted (e.g. when using a VPN or when connecting via check-host.net)
Turns out that my ISP has a portal where I had to allow for http and https connections to my home network (but higher ports were allowed by default for some reason). I have changed this and was able to get certbot to work as expected, so now my domain allows for both http and https connections.
It's via SGS in Sweden, the website to change these settings is hemma.sgs.se - of note is that you need to be connected to your home network to be able to access this site