Crap. Fixed. Thanks.

Okay. Just so theres no confusion. Please edit how the 000-default should look.. that would be easiest for me to understand..

<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com

ServerAdmin webmaster@localhost
DocumentRoot /var/www/html

# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf

RewriteEngine on
RewriteCond %{SERVER_NAME} =newkiddintown.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Scrap the rewrite.
Add the two lines right below the top comment block as @Osiris stated.

Let certbot create the correct rewrites afterwards.

So...

ServerName newkiddintown.com
ServerAlias www.newkiddintown.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html

Delete this:

RewriteEngine on
RewriteCond %{SERVER_NAME} =newkiddintown.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

Okay, this is done. Checking site.

<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port t$
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf

ServerName newkiddintown.com
ServerAlias www.newkiddintown.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html

I'm confused. Why did you duplicate the other two lines?

Rebooting now for site

they were already on there, ill delete them. youre talking about
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html

correct?

<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerName newkiddintown.com
ServerAlias www.newkiddintown.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf

vim: syntax=apache ts=4 sw=4 sts=4 sr noet

I was trying to have you add the server lines ABOVE the existing two.

Apologies, this is fixed.

Now run certbot, install existing, and enable https

This is done. gave success site still doesnt show https when browsing to https://www.newkiddintown.com

here is what was done:

@raspberrypi:~ $ sudo certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache

Which names would you like to activate HTTPS for?

1: newkiddintown.com
2: www.newkiddintown.com

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1,2
Cert not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/newkiddintown.com.conf)

What would you like to do?

1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (may be subject to CA rate limits)

Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Keeping the existing certificate
Deploying Certificate to VirtualHost /etc/apache2/sites-enabled/000-default-le-ssl.conf
Deploying Certificate to VirtualHost /etc/apache2/sites-enabled/000-default-le-ssl.conf
Redirecting vhost in /etc/apache2/sites-enabled/000-default.conf to ssl vhost in /etc/apache2/sites-enabled/000-default-le-ssl.conf

Congratulations! You have successfully enabled https://newkiddintown.com and
https://www.newkiddintown.com

IMPORTANT NOTES:

• If you like Certbot, please consider supporting our work by:

  Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
  Donating to EFF:

Nevermind! Seems to be working. Amazing work.

Looking good!

Are you able to load up https://www.newkiddintown.com/ correctly?

Odd issue, i can only seem to load it up on IOS devices.

Loads great to me.

I'm using an Android.

Well alright then! Sounds good to me. Must be something on the google domains side. Thanks for all your help!

You picked the better solution @garrett_kidd.

Only odd thing is, I cannot access the website internally, only externally. Domain.google.com shows i have 4 certs. Any ideas why this site is now only accessible when im not on the same network as the device holding the website? I might need to start a new topic, lmk if i do.

Two of them are precertificates. You'll see all your Let's Encrypt certificates listed in pairs this way.

Look here (no precertificates):

Versus here (precertificates):