To begin with, there is no config cert section in the acme config.
config cert 'main'
option use_staging '0'
option enabled '1'
option keylength '2048'
option update_uhttpd '1'
list domains 'your.domain.com'
That is an example from mine, customize it to your needs.
If I remember well, the script creates the ALLOW firewall rules and it is not conflicting with uhttpd.
Also I noticed 2 WAN interfaces. In case they are both operational, make sure that the communication is sourcing from the correct one.
Lastly, not so important but keep it in mind, you have a disabled DNAT rule for port 80 to some device in DMZ. Enabling that could create problems.