Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Commonly this type of problem is caused by a client that renews a certificate but does not restart or reload the web server. If you restart Apache, does the problem go away?
If the problem goes away after restarting Apache, you should file an issue against your ACME client suggesting it should have ability to restart web servers upon renewal. Otherwise you are likely to have this problem again in 60 days.
Then the next thing I would try is to check the Apache config to see what paths the SSLCertificate line points to. Is that the same file being updated by your ACME client? If you decode the certificate with openssl does it show that it’s up to date?
Another thing to check would be that the IP address for your site is pointing to the server you expect it to.
When I upgraded to ACMEv2 the client moved my files to a different directory. However, they also handle the files differently (no pem files). So I had to change the cert path in my vhosts file and recreate each of my domains using the pem option.
