That's from your installation documentation and worked wonderful before the upgrade
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ServerName mydomainAlias /static "/opt/mailman/web/static" <Directory "/opt/mailman/web/static"> Require all granted </Directory>
<IfModule mod_headers.c> RequestHeader unset X-Forwarded-Proto <If "%{HTTPS} =~ /on/"> RequestHeader set X-Forwarded-Proto "https" </If> </IfModule>
<IfModule mod_proxy.c> ProxyPreserveHost On ProxyPass "/mailman3" "http://127.0.0.1:8000/mailman3" ProxyPass "/archives" "http://127.0.0.1:8000/archives" ProxyPass "/accounts" "http://127.0.0.1:8000/accounts" ProxyPass "/admin" "http://127.0.0.1:8000/admin" ProxyPass "/user-profile" "http://127.0.0.1:8000/user-profile" </IfModule>
Include /etc/letsencrypt/options-ssl-apache.conf SSLCertificateFile /etc/letsencrypt/live/mydomain/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/mydomain/privkey.pem </VirtualHost>