The path to your config files may differ depending on your Linux distribution.
In /etc/letsencrypt/options-ssl-apache.conf you should use these Parameters to reach a 100% overall on SSL Labs check. If possible include TLS 1.3 also. In 2020 TLS 1.0 and TLS 1.1 will win you errors in your favorite browser if you still allow them. These old versions of TLS are announced deprecated in 2018.
SSLEngine on SSLProtocol -all +TLSv1.2 +TLSv1.3 SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384 SSLHonorCipherOrder on SSLCompression off SSLOptions +StrictRequire SSLSessionTickets off SSLUseStapling on SSLStaplingResponderTimeout 5 SSLStaplingReturnResponderErrors off SSLStaplingCache shmcb:/var/run/ocsp(128000) SSLOpenSSLConfCmd ECDHParameters Automatic
In /etc/apache2/sites-available/000-default-le-ssl.conf use fullchain.pem instead of cert.pem for full chain of trust. Otherwise you downed to B by not providing the full chain of trust.
ServerName [your servers name or FQDN]
SSLCertificateFile /etc/letsencrypt/live/yourFQDN/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourFQDN/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf