endit your /etc/apache2/sites-enabled-le-ssl.conf file aand add the following code under the <Virtualhost *:443> header just after the Servername should be fine:
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; >
</IfModule>
Save the file. Restart apache2 using the following or your system’s equivalent:
systemctl restart apache2
Done. 