It should be possible to use port 443 for authentication again since 8 days ago, when the tls-alpn-01 challenge was enabled in production.
This new challenge should also be supported in certbot version 0.25.0, but has partially been removed in version 0.25.1.