If your local Caddy instance isn’t publicly accessible, then ACME issuance with the HTTP or TLS-ALPN challenges can’t complete.
You’ll probably need to use the DNS challenge instead in this case, which will let you local instance issue certs even without being publicly accessible, because it involves you proving that you control the DNS for your domain, instead of proving that you control the server that the domain points to. But you’ll need to build Caddy with the DNS plugin for your provider, and set it up with the API keys to authenticate with your provider.