Hi Arkur,
I'm wondering that the path to certificate and key in your nginx.conf points to /etc/opencast/ssl, since usually LetsEncrypt certificates obtained with certbot are stored in /etc/letsencrypt/archive/... (with a symlink in /etc/letsencrypt/live/... that points to the current version), but maybe this is different in Ubuntu.
I also recommend to use pem format and provide the fullchain including intermediate certificate. As an example, this is the config of our installation:
# Path to the TLS certificate and private key. In almost all cases, you
# need to provide intermediate certificates as well to ensure browsers
# get the whole certificate chain.
ssl_certificate_key /etc/letsencrypt/live/SERVER_URL/privkey.pem;
ssl_certificate /etc/letsencrypt/live/SERVER_URL/fullchain.pem;
In your case, SERVER_URL would be opencast.vu2vu.online.
Regards,
Dietmar