I let this issue rest while I did other things.
I decided to spin up another VPS to try nginx. I was having the same exact problem trying to get certbot to run for www.s.irminger.org for searx on the nginx VPS.
I think this solution applies to the nginx server and would also resolve my original post about apache.
I referenced this post
and this question
the wsgi wasn't allowing static pages.
this worked for nginx and I think something similar (for apache) would've resolved my issue before. I needed to let it serve static pages under /.well-known/acme-challenge
location ^~ /.well-known/acme-challenge/ {
include /etc/nginx/mime.types;
root /var/www/searx/;
}