As Steven says, the TLS-SNI-01 challenge is disabled. The --apache plugin of certbot / letsencrypt-auto currently depends on this challenge. It’s being updated so that it can use the HTTP-01 challenge instead.
If you can’t wait, you’ll have to use a different plugin for now. For example, if you want to use the webroot plugin, you should modify your command as follows:
- change
--apacheto-a webroot -i apache - add
-w /path/to/your/webrootbefore the-d