Letsencrypt / cert-bot - fail to create a new certifica

Hi All,

Although I’m a N00b to HASS - I dont have issues with the “Smart” portion of the configuration. However, setting up an external SSL connectivity is a B***h.
I followed the instruction (docker on PI):
used duckdns and registered my domain.
forwarded ports 80,443 to my PI (running the certbot command from the PI level. not from the actual container)
running the following command -

./certbot certonly --standalone --email ****** -d ******.duckdns.org

and after the client try to retrieve a certificate getting the following message:

Failed authorization procedure. .duckdns.org (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://.duckdns.org/.well-known/acme-challenge/b-lRiHwN2kwMvvm7FIcTqo2lf9PseaXckIIlQRDQot0: Timeout during connect (likely firewall problem)

after investigating a bit - it appears that the challenge is not actually arriving to my PI (used tcpdump to capture traffic.

I also tested telnet using the provided domain name - and telnet shows traffic in tcpdump meaning - port forwarding is working as expected…

Thoughts, anyone?