Can't set up Let's Encrypt certificate with Apache 2.4, "invalid response" according to Chrome

It looks like your server does not send any SSL certificate on port 443, even if your config seems OK. Here is a list of things you should check (I suppose you're using debian or ubuntu because of your use of a2ensite) :

  • Check that the permissions on /etc/letsencrypt/live/example.com/ let the user apache2 read them (including the rights of each directory level). As you manually downloaded those files, the permissions might be wrong
  • Check the server logs (usually in /var/log/apache2 : access.log, error.log, example.com.access.log and example.com.error.log : there might be relevant information there
  • Check that you restarted (or reloaded) the apache2 server after enabling your virtualhost
  • Check that there is not another enabled VirtualHost (in /etc/apache2/sites-enabled) configured for the same ServerName and port. When it's the case, Apache uses the first one in alphabetic order
  • Check that your fullchain.pem matches the private key from pivkey.pem (you might have copied the wrong files). Both command-lines below should give the same result :

    openssl x509 -noout -modulus -in /etc/letsencrypt/live/example.com/fullchain.pem | openssl md5 openssl rsa -noout -modulus -in /etc/letsencrypt/live/example.com/privkey.pem | openssl md5

(source : https://www.digicert.com/ssl-support/apache-fix-common-ssl-errors.htm)