Dovecot 2.2.18 CentOS 6.7 (x86_64) Plesk 12.5.30

I have had Dovecot working fine with SSL for nearly two years now. It's time to renew the SSL certificate, so I did (same CA). The new certificate works fine in Apache and Postfix. But when I update Dovecot to use the same certificate, and restart the server, Dovecot stops responding to connects. I have triple-checked that the ssl_cert and ssl_key files are correct - all I did was change the names in the conf file. There's nothing in the log. I have tried various SSL tests but either they don't work (unspecific error) or they tell me nothing is wrong (and show the correct certificate.) I am running out of time to find a solution to this - what else can I look for?

The one difference for the certificates is that I opted for one with a SHA256 root rather than SHA1 root. I have separately used a tool to verify that the certificate and private key match.

Here is the end of the dovecot -n file that mentions SSL:

ssl = required ssl_cert =

(The !TLSv1 doesn't seem to be honored - I tried it with and without that. A problem for later.)

Thanks for any help.

Steve L