When you don't redirect it (which you shouldn't), then what content will be served?
Meaning, you will need a document root for that case.
Here are some ways (that have worked for me in the past) to handle this case:
#skip challenge requests and
<LocationMatch "^/(?!\.well-known)">
#send all other requests to HTTPS
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1
</LocationMatch>
<Location /.well-known/acme-challenge/>
DocumentRoot /var/www/html
</Location>