Are those ServerName
and ServerAlias
lines actually lacking your domain name or did you redact them?
Here's the thing:
If these two virtual hosts happen to have the same ServerName
or ServerAlias
, then it's going to confuse Certbot's Apache authenticator (because it has a chance to apply its changes to the wrong file).
In Apache, domain names must be unique across multiple virtual hosts.
So the solution would be to remove/comment out one of these virtual hosts so that you only have one remaining.
You could also try going the webroot approach which is something like:
certbot renew -a webroot -w /var/www/html --dry-run
but I would suggest fixing up the virtual host conflicts instead, if they exist.