Problem with Certbot renew

[my apologies, in advance, on the lengthy read]

If --standalone was used to obtain the cert, some "extra" step(s) may have been taken manually in order for that request to have completed correctly, namely stopping and restarting the Apache web server.

We should be able to look into the renewal config to see if that is the case, or do a test renewal (with --dry-run), to confirm.
If so, then the automated renewal process is missing those steps taken manually and will not complete, as expected, in the coming months.

In review: If Apache failed you with a .dev gTLD, while certbot spun up a temporary web server and was able to do so, then the actual problem has nothing to do with the name being requested - and has everything to do with the difference in the configurations in use by the two web servers.
So, you would do well by reviewing your Apache config.
Here I re-re-re-re-re-repeat myself on this forum: Apache is notorious for running at all costs.
[I've said it dozens of times and will probably say it a dozen more]
Apache will do everything possible to run with a config that would otherwise be rejected by almost any other web server.
Errors will always creep into things over time and repeated manual modification - this is normal; as is with just about everything else in life.
Overlooking those errors is not; Apache, although with the best of intentions, seems to look the other way a bit too much at times. And this may be one of those times.
Please start by checking your Apache config with: apachectl -S
If enough errors can be corrected (to the point where certbot and Apache can be used to get/renew your certs), this process can then be easily automated without having to stop and then restart Apache.

READERS: Get involved and participate: If you read something you like, then click to like it :heart:

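The check described in the post above, as an added example that is not part of the original thread or of certbot itself: read a renewal config to see whether the cert was obtained with the standalone authenticator and whether stop/start hooks are already recorded, then build the --dry-run command that adds them. The renewal config text is a constructed sample of what /etc/letsencrypt/renewal/<name>.conf looks like; the `apachectl stop` / `apachectl start` hook commands and the `example.dev` name are assumptions for this host, not values from the thread. `--pre-hook` and `--post-hook` are real certbot flags; certbot stores them in the renewal config so later unattended renewals repeat them.

```shell
#!/bin/sh
# Added example (not from the original post or certbot): detect a renewal config that will
# fail under unattended "certbot renew" because it uses --standalone with no hooks, and
# print the renewal command that adds the stop/start steps the manual run needed.

# Constructed sample of /etc/letsencrypt/renewal/<name>.conf, embedded so this runs offline.
SAMPLE_CONF='# renew_before_expiry = 30 days
version = 1.21.0
archive_dir = /etc/letsencrypt/archive/example.dev
cert = /etc/letsencrypt/live/example.dev/cert.pem
privkey = /etc/letsencrypt/live/example.dev/privkey.pem

# Options used in the renewal process
[renewalparams]
authenticator = standalone
account = 0123456789abcdef0123456789abcdef
server = https://acme-v02.api.letsencrypt.org/directory
'

# Print the value of one key from the [renewalparams] section (empty if absent).
# $1 = config text, $2 = key name
renewal_param() {
    printf '%s\n' "$1" | awk -v key="$2" '
        /^\[/ { in_params = ($0 == "[renewalparams]"); next }
        in_params && $1 == key && $2 == "=" { sub(/^[^=]*=[ \t]*/, ""); print; exit }
    '
}

# Succeed (exit 0) when the config will collide with Apache on port 80 during renewal:
# standalone authenticator and no pre_hook to stop the web server first.
needs_webserver_hooks() {
    auth=$(renewal_param "$1" authenticator)
    pre=$(renewal_param "$1" pre_hook)
    [ "$auth" = "standalone" ] && [ -z "$pre" ]
}

# The test renewal to run. When hooks are missing, add them; certbot records the hooks
# in the renewal config for future runs. "apachectl stop/start" is the assumed way to
# stop and start Apache on this host (systemctl or service may apply instead).
suggested_renew_command() {
    if needs_webserver_hooks "$1"; then
        printf '%s\n' 'certbot renew --dry-run --pre-hook "apachectl stop" --post-hook "apachectl start"'
    else
        printf '%s\n' 'certbot renew --dry-run'
    fi
}

# The Apache sanity check from the post: syntax check, then the vhost dump (apachectl -S),
# so a config Apache silently tolerates is at least seen. Skipped when apachectl is absent.
check_apache_config() {
    if ! command -v apachectl >/dev/null 2>&1; then
        echo "apachectl not found; skipping Apache config check" >&2
        return 0
    fi
    apachectl configtest && apachectl -S
}

echo "authenticator: $(renewal_param "$SAMPLE_CONF" authenticator)"
echo "pre_hook:      ${pre:-$(renewal_param "$SAMPLE_CONF" pre_hook)}"
echo "next step:     $(suggested_renew_command "$SAMPLE_CONF")"
```

Run the printed command by hand first; if the dry run succeeds with the hooks, the same hooks are then used by whatever timer or cron job drives `certbot renew`. Once the Apache config passes the checks above, the standalone/hook approach can be dropped in favour of letting certbot and Apache cooperate without a stop/start.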