Oh, the cert could be improved like my earlier post but Safari might fail because you do not redirect HTTP to HTTPS. Did you try explicitly using https://urbanbeach.com?
You should add a redirect though unless you intentionally need to support HTTP
Some modern browsers try HTTP and HTTPS simultaneously. And, perhaps Brave is one of those (if Chromium based then probably does). Safari might not I am not sure but it sounds like it.
Unless of course Safari never worked then maybe what Bruce mentioned might apply
I'm not sure what you mean by the following. Are they commands that I should run?:
The improvement is to change
SSLCertificateChainFile /etc/letsencrypt/live/urbanbeach.com/fullchain.pem
to
SSLCertificateChainFile /etc/letsencrypt/live/urbanbeach.com/chain.pem
I'm not sure how to omit "ChainFile" or use the "fullchain.pem" for SSLCertificateFile. Where is the line for "ChainFile"?
On Apache versions since 2.4.8 you should actually omit the "ChainFile" line and use the "fullchain.pem" for SSLCertificateFile. Yours you do like above though
Change the line for the SSLCertificateChainFile as I described (replacing fullchain.pem with chain.pem).
You cannot omit this line for ChainFile because your Apache is too old. I mentioned it only because you said you planned to migrate to a new system. When you have a modern Apache version you specify the above certificate lines differently. They look like this for versions 2.4.8 and later
I changed it to full.chain as you suggested. I don't know what that is supposed to do. I renewed the certificate and it succeeded. On Safari, it still works the same way.
Thanks for all your help. You were very knowledgeable.