Can I issue a certificate if my webserver doesn't listen on port 80?
Yes, using the DNS-01 or TLS-ALPN-01 challenge. However, Certbot does not include support for TLS-ALPN-01 yet. If you're using any Certbot with any method other than DNS authentication, your web server must listen on port 80, or at least be capable of doing so temporarily during certificate validation.
If you have an ISP or firewall that blocks port 80 and you can't get it unblocked, you'll need to use DNS authentication or a different Let's Encrypt client.