Many thanks, Juergen. I had viewed Check-your-website for my domain before posting here, but the results were like Greek to me...
To answer your question, this is what I get when typing apachect -S:
[Mon Jul 01 10:10:32.855912 2019] [so:warn] [pid 24014] AH01574: module cgid_module is already loaded, skipping
AH00526: Syntax error on line 32 of /etc/apache2/sites-enabled/arcanevoid.xyz.conf:
SSLCertificateFile: file '/etc/letsencrypt/live/www.arcanevoid.xyz/fullchain.pem' does not exist or is empty
Action '-S' failed.
The Apache error log may have more information.
Now, something really weird seems to have happened last night...
This morning, opening my website, I discovered that my certificates had been renewed! But I didn't do it.
Checking the /var/log/letsencrypt/letsencrypt.log file, it seems like some operation began yesterday around 11pm, as I was outside enjoying the cool night air an trying to forget about security certificates.
These are the first relevant lines in the log:
2019-06-30 22:59:37,416:DEBUG:certbot.main:certbot version: 0.31.0
2019-06-30 22:59:37,418:DEBUG:certbot.main:Arguments: ['-q']
2019-06-30 22:59:37,419:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-06-30 22:59:37,441:DEBUG:certbot.log:Root logging level set at 30
2019-06-30 22:59:37,443:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-06-30 22:59:37,466:DEBUG:certbot.plugins.selection:Requested authenticator <certbot.cli._Default object at 0x7f714fdc3710> and installer <certbot.cli._Default object at 0x7f714fdc3710>
2019-06-30 22:59:37,488:DEBUG:certbot.storage:Should renew, less than 30 days before certificate expiry 2019-04-02 21:00:20 UTC.
2019-06-30 22:59:37,488:INFO:certbot.renewal:Cert is due for renewal, auto-renewing...
2019-06-30 22:59:37,488:INFO:certbot.renewal:Non-interactive renewal: random delay of 49 seconds
2019-06-30 23:00:26,507:DEBUG:certbot.plugins.selection:Requested authenticator apache and installer apache
2019-06-30 23:00:26,814:DEBUG:certbot_apache.configurator:Apache version is 2.4.18
2019-06-30 23:00:27,775:DEBUG:certbot.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = certbot_apache.entrypoint:ENTRYPOINT
Initialized: <certbot_apache.override_debian.DebianConfigurator object at 0x7f714fe20e10>
Prep: True
2019-06-30 23:00:27,781:DEBUG:certbot.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: apache = certbot_apache.entrypoint:ENTRYPOINT
Initialized: <certbot_apache.override_debian.DebianConfigurator object at 0x7f714fe20e10>
Prep: True
2019-06-30 23:00:27,782:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_apache.override_debian.DebianConfigurator object at 0x7f714fe20e10> and installer <certbot_apache.override_debian.DebianCo$
2019-06-30 23:00:27,782:INFO:certbot.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2019-06-30 23:00:27,840:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(only_return_existing=None, key=None, external_account_binding=None, status=None, agreement=None, contac$
2019-06-30 23:00:27,847:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2019-06-30 23:00:27,856:INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
2019-06-30 23:00:28,056:DEBUG:requests.packages.urllib3.connectionpool:"GET /directory HTTP/1.1" 200 658
2019-06-30 23:00:28,057:DEBUG:acme.client:Received response:
HTTP 200
Expires: Sun, 30 Jun 2019 23:00:28 GMT
X-Frame-Options: DENY
Content-Type: application/json
Connection: keep-alive
Content-Length: 658
Server: nginx
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Strict-Transport-Security: max-age=604800
Date: Sun, 30 Jun 2019 23:00:28 GMT
What on earth happened? Happy to share the full log file if necessary. Did I just happen, by chance, to change my server settings to the right configuration before I left, thus enabling Certbot to renew my certs automatically??
Just to be clear: is the following a good config for my main vHost file, in order to work smoothly with Certbot? (I changed "VirtualHost *:80" to 443 before ditching the computer yesterday)
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName www.arcanevoid.xyz
ServerAlias arcanevoid.xyz
ServerAdmin don.caviare@gmail.com
DocumentRoot /home/mycloud/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/www.arcanevoid.xyz/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.arcanevoid.xyz/privkey.pem
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet