There is definatly something funky going on. It did it on 2 domains again last night. One of them being bestemmingmontferland.nl , looking at the logs I can see:
2024-11-21 00:00:37 v-add-web-domain-backend 'bestemmingm' 'bestemmingmontferland.nl' 'default' ''
2024-11-21 00:00:38 v-delete-web-domain-ssl-force 'bestemmingm' 'bestemmingmontferland.nl' 'no' 'yes'
2024-11-21 00:00:38 v-add-web-domain-ssl-force 'bestemmingm' 'bestemmingmontferland.nl' 'no' 'yes'
That seems at midnight. Then at 2am, when it runs the next time - I get:
2024-11-21 02:03:52 v-delete-web-domain-redirect 'bestemmingm' 'bestemmingmontferland.nl'
2024-11-21 02:03:52 v-restart-service 'apache2' ''
2024-11-21 02:03:52 v-restart-service 'nginx' ''
2024-11-21 02:03:52 v-delete-web-domain-ssl-force 'bestemmingm' 'bestemmingmontferland.nl'
2024-11-21 02:03:54 v-restart-service 'nginx' ''
2024-11-21 02:04:04 v-restart-service 'nginx' ''
2024-11-21 02:04:15 v-generate-ssl-cert 'bestemmingmontferland.nl' '[email protected]' 'US' 'California' 'San Francisco' 'Hestia' 'IT' 'www.bestemmingmontferland.nl'
So it removes the forced ssl, and redirect, and then doesn’t put it back 
Just as an update - the issue only seems to occur on sites that have a LE cert, and “force ssl”, and a redirect to another site. I tried doing it without the LE cert, but it won’t do the 301’s ok on the https, due to there obviously not being a valid certificate any more
Cheers
Andy