When an ACME (lets'encrypt) certificate is renewed and used by accel-pppd for SSTP VPN or openconnect VPN the respective configurations of the VPN clients are not updated with the new certificates and the processes should also need to reload their configurations. As it is now my workaround is to have a script looking at the ACME certificates (if they are modified), modify the configuration to use a "dummy" certificate, commit the configuration, load the original configuration and commit it. This will force the config files for the respective VPN protocols to be re-written and reloaded.

I don't know if there are other protocols/configuration that has the same problem.