Expired certificate is used for port 9001

Hi everyone,
I've renewed the certificate on my virtual Ubuntu server (certificates managed with certbot). For port 80/443 everything works fine and the updated certificate is used.

But when connecting via port 9001 (MQTT), the expired old certificate is still being sent.

I have already restarted the server and all services.
Additionally I have used 'certbot certificates' for displaying all managed certificates. Unfortunately only the new certificate is listed there.

How can I find and delete the old, expired certificate?

My domain is: v220190710108694064.bestsrv.de

The operating system my web server runs on is (include version): Ubuntu 24.04.1

My hosting provider, if applicable, is: ketchup

I can login to a root shell on my machine (yes or no, or I don't know): yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.11.0

Thanks!
Manfred

You need to restart MQTT or edit its config to point to the new certificate in the live dir.
I don't know how to do that (it doesn't look like it's supposed to use a public certificate for it).

2 Likes

Thanks for the hint!

My Mosquitto installation required manually copying the cert files to a mosquitto folder. After copying the renewed certificates, everything works smoothly.

1 Like

You should consider avoiding the copying by configuring Mosquitto to read the certificate/key directly from the Certbot-managed folder. Or at least use a deploy-hook to copy the files and reload/restart the daemon.

5 Likes

Thank you, Nekit!

I've now used the deploy-hook for copying the certificates to the Mosquitto folder.

4 Likes
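
A deploy hook of the kind settled on in this thread, as an added example that is not code from any of the posters. `RENEWED_LINEAGE` is set by certbot for deploy hooks; the target directory `/etc/mosquitto/certs`, the `mosquitto` service account, the restart command and the script's file name are assumptions to adjust.

```shell
#!/bin/sh
# Added example of a certbot deploy hook; it could be saved as
# /etc/letsencrypt/renewal-hooks/deploy/mosquitto.sh (file name is an assumption).
set -eu
umask 077   # the temporary copy of the private key is never world-readable

# Assumptions, override via the environment to match the local setup:
MOSQ_CERT_DIR="${MOSQ_CERT_DIR:-/etc/mosquitto/certs}"
MOSQ_USER="${MOSQ_USER:-mosquitto}"
MOSQ_RESTART="${MOSQ_RESTART:-systemctl restart mosquitto}"

# Succeeds when the broker's copy is missing or differs from certbot's file.
is_stale() {  # is_stale <live_file> <copy>
    ! cmp -s "$1" "$2" 2>/dev/null
}

# Copy to a temporary name, fix mode and owner, then rename into place so
# the broker never reads a half-written file.
install_pem() {  # install_pem <src> <dst> <mode>
    tmp="$2.tmp.$$"
    cp "$1" "$tmp" && chmod "$3" "$tmp" || return 2
    if [ "$(id -u)" -eq 0 ] && id "$MOSQ_USER" >/dev/null 2>&1; then
        chown "$MOSQ_USER" "$tmp" || return 2
    fi
    mv -f "$tmp" "$2" || return 2
}

# Returns 0 if a file was updated, 1 if both copies were current, 2 on error.
sync_certs() {  # sync_certs <lineage_dir> <dest_dir>
    changed=1
    for f in fullchain.pem privkey.pem; do
        is_stale "$1/$f" "$2/$f" || continue
        case "$f" in privkey.pem) mode=600 ;; *) mode=644 ;; esac
        install_pem "$1/$f" "$2/$f" "$mode" || return 2
        changed=0
    done
    return "$changed"
}

# Certbot sets RENEWED_LINEAGE (e.g. /etc/letsencrypt/live/<name>) for deploy hooks.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    rc=0
    sync_certs "$RENEWED_LINEAGE" "$MOSQ_CERT_DIR" || rc=$?
    case "$rc" in
        0) $MOSQ_RESTART ;;   # broker picks up the new files
        1) ;;                 # nothing changed, leave the broker alone
        *) exit "$rc" ;;
    esac
fi
```

The script has to be executable for certbot to run it from the `renewal-hooks/deploy` directory after a successful renewal.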