Certbot does more than that. Usually you should have a VirtualHost config for port 80 (http) to start with. If challenge is successful certbot will create another VirtualHost config for port 443 (https) with the cert files and other ssl config options for Apache.
None of that happened.
You do not have an explicit VirtualHost for this domain name. You just have some sort of default server from Apache (see the *:* name/port info). Normally you get an error about certbot not finding a virtualhost but that did not happen.
The best way forward is to update your 000-default conf so it is an explicit VirtualHost and re-run certbot. It should create another conf file with suffix of -le-ssl.conf. And, update the http virtualhost with the redirects. Try just adding
<VirtualHost *:80>
at top of your default.conf
and
</VirtualHost>
at the bottom.
then show result of this before trying certbot:
apachectl -t -D DUMP_VHOSTS