How to solve the problem of nginx issuing an old SSL certificate?
Hello, point me to where to dig ;) We have nginx and a Let's Encrypt SSL certificate.
Initially I issued the certificate, configured nginx, and everything worked well; when the time came to renew the certificate, I re-issued it. There are no complaints about the certificate itself, it works.
The problem is that nginx for some reason stubbornly serves the old certificate; the only thing that helps is changing the port to anything other than listen 443 ssl, after which nginx serves the new (working) certificate. What could be the problem?
The DNS names in the certificate and in the nginx server_name roga.ru www.roga.ru are the same. The certificate was checked with openssl x509 -text -in /etc/letsencrypt/live/roga.ru/cert.pem; the path matches the one in nginx.
nginx version: nginx/1.14.0
# Default website
server {
    listen 80 default_server;
    #listen [::]:80 default;
    server_name roga.ru www.roga.ru;
    server_name_in_redirect off;
    #return 301 https://$server_name$request_uri;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host:80;
    set $proxyserver "http://127.0.0.1:8888";
    set $docroot "/home/bitrix/www";
    index index.php;
    root /home/bitrix/www;
    # Redirect to ssl if needed
    if (-f /home/bitrix/www/.htsecure) { rewrite ^(.*)$ http://$server_name$1 permanent; }
    # Include parameters common to all websites
    include bx/conf/bitrix.conf;
    # Include server monitoring locations
    include bx/server_monitor.conf;
}
# Default SSL certificate enabled website
server {
    listen 443 ssl;
    server_name roga.ru www.roga.ru;
    # Enable SSL connection
    include bx/conf/ssl.conf;
    server_name_in_redirect off;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host:443;
    proxy_set_header HTTPS YES;
    set $proxyserver "http://127.0.0.1:8888";
    set $docroot "/home/bitrix/www";
    index index.php;
    root /home/bitrix/www;
    # Include parameters common to all websites
    include bx/conf/bitrix.conf;
    # Include server monitoring API's
    include bx/server_monitor.conf;
}
bx/conf/ssl.conf
# If they come here using HTTP, bounce them to the correct scheme
# Nginx internal code used for the plain HTTP requests
# that are sent to HTTPS port to distinguish it from 4XX in a log and an error page redirection.
error_page 497 https://roga.ru$request_uri;
# Increase keepalive connection lifetime
keepalive_timeout 70;
keepalive_requests 150;
# SSL encryption parameters
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_certificate /etc/letsencrypt/live/roga.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/roga.ru/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/roga.ru/chain.pem;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
# performance
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
The problem was on the side of the timeweb hosting provider, or rather its partner DDoS-Guard, which provides protection against DDoS attacks. They had an old SSL certificate cached somewhere.
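A diagnostic I would add at this point, not part of the question or of any answer above: it compares the leaf certificate in the fullchain.pem that nginx loads with the certificate actually presented at the TLS endpoint, once against 127.0.0.1 (nginx itself) and once against the public name. A stale copy held by a front proxy such as the DDoS-Guard layer described in the answer shows up as a mismatch only on the public path. Host names and paths are the ones from the question; the main block assumes nginx is reachable locally on port 443.

```python
import base64
import hashlib
import socket
import ssl

PEM_BEGIN = "-----BEGIN CERTIFICATE-----"
PEM_END = "-----END CERTIFICATE-----"


def leaf_fingerprint_from_pem(pem_text: str) -> str:
    # SHA-256 of the DER form of the first certificate in the PEM text.
    # fullchain.pem lists the leaf first, then intermediates; only the leaf
    # tells us whether the served certificate is the renewed one.
    start = pem_text.index(PEM_BEGIN) + len(PEM_BEGIN)
    end = pem_text.index(PEM_END, start)
    der = base64.b64decode("".join(pem_text[start:end].split()))
    return hashlib.sha256(der).hexdigest()


def served_leaf_fingerprint(host: str, port: int, sni: str, timeout: float = 5.0) -> str:
    # SHA-256 of the leaf certificate presented at host:port for SNI name `sni`.
    # Verification is disabled on purpose: a stale certificate is exactly what
    # we want to observe here, not reject.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=sni) as tls:
            der = tls.getpeercert(binary_form=True)
    return hashlib.sha256(der).hexdigest()


def check_served_cert(pem_path: str, host: str, port: int, sni: str) -> dict:
    # Report whether host:port serves the leaf stored in pem_path for `sni`.
    with open(pem_path, encoding="ascii") as fh:
        want = leaf_fingerprint_from_pem(fh.read())
    got = served_leaf_fingerprint(host, port, sni)
    return {"file": want, "served": got, "match": want == got}


if __name__ == "__main__":
    # Paths and names are taken from the question. 127.0.0.1 reaches nginx
    # itself; the public name goes through whatever proxies sit in front of it.
    PEM = "/etc/letsencrypt/live/roga.ru/fullchain.pem"
    for host in ("127.0.0.1", "roga.ru"):
        for sni in ("roga.ru", "www.roga.ru"):
            r = check_served_cert(PEM, host, 443, sni)
            state = "OK" if r["match"] else "STALE"
            print(f"{host}:443 sni={sni} {state} served={r['served'][:16]}...")
```

If the local check reports OK and the public one reports STALE, nginx is fine and the stale certificate lives in the layer in front of it.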
The ssl options go INSIDE the server block:
server {
    listen 443;
    server_name ......en;
    ssl on;
    ssl_stapling on;
    ssl_certificate /.....crtca;
    ssl_certificate_key /.....key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers kEECDH+AES128:kEECDH:kEDH:-3DES:kRSA+AES128:kEDH+3DES:DES-CBC3-SHA:!RC4:!aNULL:!eNULL:!MD5:!EXPORT:!LOW:!SEED:!CAMELLIA:!IDEA:!PSK:!SRP:!SSLv2;
    .........
Do I understand correctly that you have Bitrix?
Do you have Bitrix VM?
If so, which version? The answer depends on that.