The TLS-SNI-01 validation type used by older versions of Certbot's Apache plugin is being phased out.
You need to upgrade to a newer version of Certbot, or run a slightly different command.
The Certbot PPA unfortunately doesn't have a newer version yet, so upgrading would mean switching to certbot-auto or another installation method. 