Currently I am able to access my site without SSL (i.e. on port 80) from internet.
I am trying to install SSL Certificate using "sudo certbot --nginx" on my Web server, it gives me below error :
Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: [my site name] Type: connection
Detail: [public ip ]: Fetching http:[my site name]/.well-known/acme-challenge/otj7M6qkkXMDPVDL-y5385XYnvZs07Yo Rsln1Qw3214U: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority fatled to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
Cleaning up challenges
Some challenges have failed.
It's going to be very challenging to get help here without revealing the domain name. Basically, the message says what it means, that from Let's Encrypt's validation servers, trying to get to your site doesn't connect, which usually means a firewall is blocking it. While you may think your site is accessible on port 80 from the entire Internet, that doesn't look to actually be true, at least from where Let's Encrypt is sitting. It may be that the firewall blocking it is from your Internet provider, or even further upstream of them, but somewhere before your servers, at least from some places, the connection is blocked.
There's not really anything we can do to help you. Your site needs to be accessible on port 80 from everywhere on the Internet in order to get a certificate (using the usually-easiest HTTP-01 method), and it isn't.
If your DNS server is publicly accessible, you might want to look into the DNS-01 method, but that involves either having a DNS provider with an API or using something like acme-dns that acts as a DNS server to handle automating the challenge.