HTTPS LetsEncrypt certificate question regarding ports

I would like to setup my freepbx server with HTTPS and a certificate. I started looking into letsencrypt which I find to be very interesting. I understand that I need to add some url’s to my whitelist within my firewall, no problem.

What I don’t understand is how the challenge portion works I guess. I currently only have my freepbx server’s UCP http port open to the world and this is a unique port.

I tried creating a letsencrypt certificate through certificate manager and I told it that I wanted to use https as my challenge protocol (I have input the letsencrypt required url’s into my trusted zone) and I receive the error “There was an error updating the certificate: couldn’t connect to host”

I am using the latest version of Freepbx, system admin and Certificate manager modules …

PBX Firmware: 10.13.66-15
PBX Service Pack:

Certificate Manager 13.0.34

System Admin 13.0.67

So do I need to open more ports up of some kind or what? I am not sure what I am doing wrong. I did try to search this one out but I guess that this is all to new to find to much information out there about this.

Bump … Can anyone possibly point me toward docs re FreePBX and Letsencrypt??