"Open or Forward LUCI Port for external access."?

In the directions for How to run (acme.sh) on OpenWRT, the 4th and final item says:
What does this piece of shorthand mean? It's not clear to me how to do what the directions are asking me.

I think the openwrt acme script wrapper automatically opens the port(s).
Line 123-124

There is no run.sh on my openWRT installation that I can find.

I'm slightly borked right now. Chrome doesn't even recognize at all. It doesn't even fail the certificate. It just says:
I'm convinced this is because I haven't completed the 4th item in the directions, Open or Forward LUCI Port for external access.

You don't have: /usr/lib/acme/run-acme ?
This script should be automatically called.
I use dns api, so I have no experience with standalone mode.
But as I understand this, acme starts/modify the existing uhttpd config, so letsencrypt can verify everything?
What does the acme log show? (Enable debug logging)
And I also recommend to use staging when testing around otherwise it is possible that letsencrypt will block you for 1 hour.

Yes, the system has /usr/lib/acme/run-acme (which is not the same as run.sh). Ok, I enabled debug logging on the ACME certificates page and restarted acme with /etc/init.d/acme start. However, I am not finding a log file with find / -print | grep acme.sh.log. Anyways, I can't find a log for acme.

I rebooted and Chrome now finds but fails on the certificate. Firefox also fails the certificate but I can walk past the failure on Firefox but not on Chrome.

That said, what does Open or Forward LUCI Port for external access mean?

I assume your router is Are you trying to access it from outside your local network?

I'm only trying to access it inside my local area network.
What I'm really trying to do is use https for LUCI inside my local area network.

Then you're not needing external access so you don't need to open or forward any ports.

SSH into your router and paste the output of 'cat /etc/config/acme' here. Remove any personal info like emails or passwords and use the 'preformatted text' option (its the </> above the text box).

That's what I thought as well. However, the directions really should mention that this step is optional.

Any guess as to why the certificate is still bouncing? I rebooted and I'm still not seeing an acme log file.

At this point, I think I must have borked something and so I am going to re-install and start over with a fresh openWRT.