Just allowed it through ufw, but ufw is not even on i don't think:
root@lenovo-server:/etc/apache2/sites-available# sudo ufw app info "Apache Full"
Profile: Apache Full
Title: Web Server (HTTP,HTTPS)
Description: Apache v2 is the next generation of the omnipresent Apache web
server.
Ports:
80,443/tcp
root@lenovo-server:/etc/apache2/sites-available# sudo ufw allow in "Apache Full"
Rules updated
Rules updated (v6)
root@lenovo-server:/etc/apache2/sites-available# ls -l /etc/apache2/sites-available/
total 24
-rwxrwxrwx 1 root root 1703 Sep 14 2020 000-default.conf
-rwxrwxrwx 1 root root 1824 Aug 29 22:35 000-default-le-ssl.conf
-rw-r--r-- 1 root root 6338 Mar 22 19:00 default-ssl.conf
-rwxrwxrwx 1 root root 432 Sep 13 2020 groupfinder.conf
-rwxrwxrwx 1 root root 431 Sep 13 2020 wavebuddha.conf
It is NOT firewall related.
We already saw that Apache isn't listening on port 443.
[a firewall rule can't stop that from happening]
I removed the ifmodule ssl and then apache failed to start, so presumably apache is missing the ssl module or it is not enabled.
Something along those lines should get it listening.
BINGO!
Maybe needs:
LoadModule ssl_module modules/mod_ssl.so
root@lenovo-server:/etc/apache2/sites-available# sudo a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Enabling module socache_shmcb.
Enabling module ssl.
See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates.
To activate the new configuration, you need to run:
systemctl restart apache2
root@lenovo-server:/etc/apache2/sites-available#
BOOM IT WORKED! thanks for your help so much, can i buy you some coffee 
I don't do coffee 
But I do 
just ran certbot to avoid having to create all the ssl.conf files. Looks like the issue was just that I didn't enable the SSL module in apache.
What would you like to do?
1: Attempt to reinstall this existing certificate
2: Renew & replace the certificate (may be subject to CA rate limits)
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Deploying certificate
Some rewrite rules copied from /etc/apache2/sites-enabled/groupfinder.conf were disabled in the vhost for your HTTPS site located at /etc/apache2/sites-available/groupfinder-le-ssl.conf because they have the potential to create redirection loops.
Successfully deployed certificate for groupfinder.cc to /etc/apache2/sites-available/groupfinder-le-ssl.conf
Successfully deployed certificate for www.groupfinder.cc to /etc/apache2/sites-available/groupfinder-le-ssl.conf
Successfully deployed certificate for techmasterdesign.com to /etc/apache2/sites-enabled/000-default-le-ssl.conf
Successfully deployed certificate for www.techmasterdesign.com to /etc/apache2/sites-enabled/000-default-le-ssl.conf
Some rewrite rules copied from /etc/apache2/sites-enabled/wavebuddha.conf were disabled in the vhost for your HTTPS site located at /etc/apache2/sites-available/wavebuddha-le-ssl.conf because they have the potential to create redirection loops.
Successfully deployed certificate for wavebuddha.com to /etc/apache2/sites-available/wavebuddha-le-ssl.conf
Successfully deployed certificate for www.wavebuddha.com to /etc/apache2/sites-available/wavebuddha-le-ssl.conf
Congratulations! You have successfully enabled HTTPS on https://groupfinder.cc, https://www.groupfinder.cc, https://techmasterdesign.com, https://www.techmasterdesign.com, https://wavebuddha.com, and https://www.wavebuddha.com
If you like Certbot, please consider supporting our work by:
root@lenovo-server:/etc/apache2/sites-available#
Link me that paypal BOYO, i'll drink a beer with ya now.
You can click my avatar [twice] to see my "profile" and there you can see how to send me money - LOL
TL;DR: BEER 4 WORK
Thanks for the generous tip!
I now have a cold one in hand with "your name on it" - this one's for you!
Cheers
edit: that went to quick, I've have to get a second one!
I should stop buying 7 oz
Thank you for all your help man, I sincerely appreciate it.
If it weren't for an experienced gigachad like yourself, I would still be pulling my hair out as we speak. Transfering linux servers is never fun, but i've done it so many times now and I feel like I should write a little guide, so that next time I don't get completely lost.
Yes, do that!
We think it's obvious and we'll remember...
And then, when the time comes, we have to reinvent that wheel again.
It's "fun" to cleanup apache messes (slightly biased: I prefer nginx most of the time).
All's well that ends well, and this ended with us drinking !
So, I call that a win-win - w i n !
I "grew up" on apache so i'm just familiar with it, but in the future, when I find time, I might try nginx.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.