Are you using Lets Encrypt? (If not, you should go ahead and use it to generate SSL certificates to ALL of your web servers).
If you want to run it on EC2 or GCE using the –standalone argument (./letsencrypt-auto certonly –standalone -d example.com) make sure port 443 (for SSL) is open on that server.
Otherwise you’ll get the infamous:
Go ahead. Install it. Today.