Perfect!
Now do you want certbot to create the HTTPS vhost for you?
[or do you want to do that yourself?]
I think I want certbot to do that. 
Do:
certbot -i apache \
--webroot -w /var/www/matthewalbertcole.com \
-d matthewalbertcole.com \
-d www.matthewalbertcole.com
Back to the same error unfortunately
Deploying certificate
Successfully deployed certificate for matthewalbertcole.com to /etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf
Successfully deployed certificate for www.matthewalbertcole.com to /etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf
Failed redirect for matthewalbertcole.com
Unable to set the redirect enhancement for matthewalbertcole.com.
NEXT STEPS:
- The certificate was saved, but could not be installed (installer: apache). After fixing the error shown below, try installing it again by running:
certbot install --cert-name matthewalbertcole.com
Unable to find corresponding HTTP vhost; Unable to create one as intended addresses conflict; Current configuration does not support automated redirection
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
Not exactly.
Restart Apache and enjoy life!
Did it ask you if you wanted redirection?
If so, we had already done that.
EDIT: I do see how it seems full-circle.
But not all was wasted...
We did add the extra name into the cert.
We did add a cool redirection that takes into account any future HTTP challenge requests.
That still seems really weird.
ok the website works now! thank you
ya, no idea what that means
Now I'm confused...
There was already an HTTPS vhost configured for BOTH names:
Please show the current output of:
sudo apachectl -t -D DUMP_VHOSTS
root@nodejs-s-1vcpu-1gb-nyc3-01:~/matthewalbertcole.com# sudo apachectl -t -D DUMP_VHOSTS
VirtualHost configuration:
*:443 is a NameVirtualHost
default server www.matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:2)
port 443 namevhost www.matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:2)
port 443 namevhost matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com-le-ssl.conf:12)
port 443 namevhost www.pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:2)
port 443 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org-le-ssl.conf:12)
*:80 is a NameVirtualHost
default server matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com.conf:1)
port 80 namevhost matthewalbertcole.com (/etc/apache2/sites-enabled/matthewalbertcole.com.conf:1)
alias www.matthewalbertcole.com
port 80 namevhost pdxwater.org (/etc/apache2/sites-enabled/pdxwater.org.conf:1)
alias www.pdxwater.org
Ok that doesn't seem to have changed.
Please show that file.
And the output of:
certbot certificates
root@nodejs-s-1vcpu-1gb-nyc3-01:/etc/apache2/sites-enabled# cat matthewalbertcole.com-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin root@matthewalbertcole.com
DocumentRoot /var/www/matthewalbertcole.com
ServerName www.matthewalbertcole.com
Redirect permanent / https://matthewalbertcole.com
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/matthewalbertcole.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/matthewalbertcole.com/privkey.pem
</VirtualHost>
<VirtualHost *:443>
ServerAdmin root@matthewalbertcole.com
DocumentRoot /var/www/matthewalbertcole.com
ServerName matthewalbertcole.com
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
SSLEngine on
SSLProxyEngine on
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
ProxyRequests Off
ProxyPreserveHost On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyRequests Off
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
Timeout 600
ProxyTimeout 600
SetEnv proxy-nokeepalive 1
SetEnv proxy-initial-not-pooled 1
SSLCertificateFile /etc/letsencrypt/live/matthewalbertcole.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/matthewalbertcole.com/privkey.pem
</VirtualHost>
</IfModule>
root@nodejs-s-1vcpu-1gb-nyc3-01:/etc/apache2/sites-enabled# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
Certificate Name: matthewalbertcole.com-0001
Serial Number: 3764ecefe16ad1dc47dc81a53da3306a2f2
Key Type: RSA
Domains: matthewalbertcole.com
Expiry Date: 2022-01-13 02:05:29+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/matthewalbertcole.com-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/matthewalbertcole.com-0001/privkey.pem
Certificate Name: matthewalbertcole.com
Serial Number: 391e35cbfcb66ef4a52886c6e9e3879c49d
Key Type: RSA
Domains: matthewalbertcole.com www.matthewalbertcole.com
Expiry Date: 2022-01-13 05:08:17+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/matthewalbertcole.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/matthewalbertcole.com/privkey.pem
Certificate Name: pdxwater.org-0001
Serial Number: 496a9dcb4ebc15ecb2b3e4f556005736f54
Key Type: RSA
Domains: pdxwater.org
Expiry Date: 2021-11-29 08:58:53+00:00 (VALID: 45 days)
Certificate Path: /etc/letsencrypt/live/pdxwater.org-0001/fullchain.pem
Private Key Path: /etc/letsencrypt/live/pdxwater.org-0001/privkey.pem
Certificate Name: pdxwater.org
Serial Number: 377ed01cda572be801c2562016df54587bc
Key Type: RSA
Domains: pdxwater.org www.pdxwater.org
Expiry Date: 2021-11-29 19:47:10+00:00 (VALID: 45 days)
Certificate Path: /etc/letsencrypt/live/pdxwater.org/fullchain.pem
Private Key Path: /etc/letsencrypt/live/pdxwater.org/privkey.pem
Certificate Name: www.matthewalbertcole.com
Serial Number: 486ca6f83b043b88476794e8f984f772946
Key Type: RSA
Domains: www.matthewalbertcole.com
Expiry Date: 2022-01-13 02:00:50+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/www.matthewalbertcole.com/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.matthewalbertcole.com/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
I don't see much of anything wrong there...
You can remove the unused cert:
cerbot delete --cert-name matthewalbertcole.com-0001
All should be well now 
Thank You for your help. Happy to see it working again!
Glad to have helped 
Cheers from Miami 
#FreeCUBA 