Following the instructions at https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/https-singleinstance-php.html I've been trying to add my SSL certificate to allow for https for my single instance environment.
I've spent a ridiculous amount of time on this and it's driving me crazy.
My important findings are:
- after deployment, if the extensions script executes without error, /etc/httpd/conf.d/ssl.conf is not created. Or perhaps it is overwritten later on. In any case, the SSL certificate is not working
- after deployment, if, for instance, I try to create 2 of the same ssl.conf files, causing an error (module ssl_module is already loaded, skipping), the file is created
I was testing by SSHing onto the EC2 instance after redeploying and checking /etc/httpd/conf.d/.
I'm running on the platform: PHP 7.4 running on 64bit Amazon Linux 2/3.1.2
This is the first time I am working with SSL certificates as well as AWS so any help would be much appreciated.
https-instance.config:
packages:
  yum:
    mod_ssl: []

files:
  /etc/pki/tls/certs/server.crt:
    mode: "000400"
    owner: root
    group: root
    content: |
      -----BEGIN CERTIFICATE-----
      1
      -----END CERTIFICATE-----
      -----BEGIN CERTIFICATE-----
      2
      -----END CERTIFICATE-----
      -----BEGIN CERTIFICATE-----
      3
      -----END CERTIFICATE-----

  /etc/pki/tls/certs/server.key:
    mode: "000400"
    owner: root
    group: root
    content: |
      -----BEGIN RSA PRIVATE KEY-----
      1
      -----END RSA PRIVATE KEY-----

  "/etc/httpd/conf.d/ssl.conf":
    mode: "000644"
    owner: root
    group: root
    content: |
      LoadModule ssl_module modules/mod_ssl.so
      Listen 443
      <VirtualHost *:443>
        <Proxy *>
          Order deny,allow
          Allow from all
        </Proxy>

        SSLEngine             on
        SSLCertificateFile    "/etc/pki/tls/certs/server.crt"
        SSLCertificateKeyFile "/etc/pki/tls/certs/server.key"
        SSLCipherSuite        EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
        SSLProtocol           All -SSLv2 -SSLv3
        SSLHonorCipherOrder   On
        SSLSessionTickets     Off

        Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
        Header always set X-Frame-Options DENY
        Header always set X-Content-Type-Options nosniff

        ProxyPass / http://localhost:80/ retry=0
        ProxyPassReverse / http://localhost:80/
        ProxyPreserveHost on
        RequestHeader set X-Forwarded-Proto "https" early
      </VirtualHost>
https-instance-single.config (not important for this issue)
Resources:
  sslSecurityGroupIngress:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: {"Fn::GetAtt" : ["AWSEBSecurityGroup", "GroupId"]}
      IpProtocol: tcp
      ToPort: 443
      FromPort: 443
      CidrIp: 0.0.0.0/0
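A post-deployment check for this setup, added here as an example (it is not from the question or from the AWS docs). It assumes the file paths the config above writes, is meant to be run on the instance over SSH, and the function names and the `--run` flag are my own choices.

```shell
#!/bin/sh
# Post-deploy checks for the single-instance HTTPS setup in the question.
# Paths default to the ones the .ebextensions config writes; override via env.
CONF_DIR="${CONF_DIR:-/etc/httpd/conf.d}"
CERT="${CERT:-/etc/pki/tls/certs/server.crt}"
KEY="${KEY:-/etc/pki/tls/certs/server.key}"

# check_ssl_conf DIR: 0 if DIR/ssl.conf exists with the directives the files:
# block writes, 1 otherwise. Warns when ssl_module is loaded from more than
# one file (the "already loaded, skipping" case from the question).
check_ssl_conf() {
    f="$1/ssl.conf"
    if [ ! -f "$f" ]; then
        echo "FAIL: $f missing (files: block not applied, or file overwritten)"
        return 1
    fi
    for d in 'Listen 443' 'SSLEngine on' 'SSLCertificateFile' 'SSLCertificateKeyFile'; do
        if ! grep -q "$d" "$f"; then
            echo "FAIL: $f lacks directive '$d'"
            return 1
        fi
    done
    n=$(cat "$1"/*.conf 2>/dev/null | grep -c '^LoadModule ssl_module' || true)
    [ "$n" -le 1 ] || echo "WARN: ssl_module loaded $n times under $1"
    return 0
}

# cert_matches_key CERT KEY: 0 if the certificate's public key equals the one
# derived from KEY (a mismatch makes httpd refuse to start the vhost).
cert_matches_key() {
    c=$(openssl x509 -noout -pubkey -in "$1" 2>/dev/null)
    k=$(openssl pkey -pubout -in "$2" 2>/dev/null)
    [ -n "$c" ] && [ -n "$k" ] && [ "$c" = "$k" ]
}

# main: run the file checks, then live checks where the tools exist.
main() {
    rc=0
    check_ssl_conf "$CONF_DIR" || rc=1
    if cert_matches_key "$CERT" "$KEY"; then echo "OK: certificate and key match"
    else echo "FAIL: certificate/key mismatch or unreadable"; rc=1; fi
    if command -v apachectl >/dev/null 2>&1; then
        apachectl -M 2>/dev/null | grep -q ssl_module \
            && echo "OK: ssl_module loaded" || { echo "FAIL: ssl_module not loaded"; rc=1; }
    fi
    if command -v ss >/dev/null 2>&1; then
        ss -ltn 2>/dev/null | grep -q ':443 ' \
            && echo "OK: listening on 443" || { echo "FAIL: nothing listening on 443"; rc=1; }
    fi
    return "$rc"
}
if [ "${1:-}" = "--run" ]; then main; fi
```

Run it as `sudo sh check-https.sh --run` right after a deployment; a non-zero exit pinpoints which of the four things (file present, pair matching, module loaded, port open) is the one that broke.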