Change Foreman web SSL certificate

I actually got the same error yesterday. After many tries, I ended up resetting the foreman-proxy-ssl* values to their original values with this command:

foreman-installer --reset-foreman-proxy-ssl-cert --reset-foreman-proxy-ssl-key --reset-foreman-proxy-ssl-ca

And then proceeded to change just the SSLCertificateFile, SSLCertificateKeyFile & SSLCertificateChainFile values only with the flags that I posted above:

I may have also rebooted the host to force everything to re-read its configuration from disk. I was concerned that some things may have been storing the certificate in memory, and I didn’t understand the relationship between Apache, the Foreman Server, the Foreman Smart Proxy and the Puppet CA itself.

In the end, the Apache file /etc/apache2/sites-available/05-foreman-ssl.conf contained:

  SSLEngine on
  SSLCertificateFile      "/etc/ssl/certs/foreman.example.org-cert.pem"
  SSLCertificateKeyFile   "/etc/ssl/private/foreman.example.org-key.pem"
  SSLCertificateChainFile "/etc/ssl/certs/gd_bundle.crt"
  SSLVerifyClient         optional
  SSLCACertificateFile    "/etc/puppetlabs/puppet/ssl/certs/ca.pem"
  SSLCARevocationFile     "/etc/puppetlabs/puppet/ssl/crl.pem"
  SSLVerifyDepth          3
  SSLCARevocationCheck    "chain"
  SSLOptions +StdEnvVars +ExportCertData
1 Like
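Added example, not part of the original post: a pre-flight check to run before restarting Apache after changing the three web certificate directives. It reads the paths from the vhost file, confirms the private key belongs to the certificate, and confirms the certificate verifies against the chain file. SSLCACertificateFile is only reported, since Apache uses it to verify client certificates rather than to serve the site. The function names are hypothetical, and it assumes the openssl CLI is installed and the paths contain no spaces.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes the openssl CLI
# is installed and that paths in the vhost file contain no spaces.

# Print the first value of an Apache directive, with quotes removed.
vhost_directive() {  # usage: vhost_directive <conf-file> <Directive>
    awk -v d="$2" '$1 == d { v = $2; gsub(/"/, "", v); print v; exit }' "$1"
}

# Public key (PEM) embedded in a certificate / derived from a private key.
pubkey_of_cert() { openssl x509 -in "$1" -noout -pubkey 2>/dev/null; }
pubkey_of_key()  { openssl pkey -in "$1" -pubout 2>/dev/null; }

# Succeed only if both files are readable and carry the same public key.
cert_matches_key() {  # usage: cert_matches_key <cert.pem> <key.pem>
    c=$(pubkey_of_cert "$1")
    k=$(pubkey_of_key "$2")
    [ -n "$c" ] && [ "$c" = "$k" ]
}

check_vhost() {  # usage: check_vhost <conf-file>
    cert=$(vhost_directive "$1" SSLCertificateFile)
    key=$(vhost_directive "$1" SSLCertificateKeyFile)
    chain=$(vhost_directive "$1" SSLCertificateChainFile)
    client_ca=$(vhost_directive "$1" SSLCACertificateFile)
    if [ -z "$cert" ] || [ -z "$key" ]; then
        echo "FAIL: SSLCertificateFile or SSLCertificateKeyFile not set"
        return 1
    fi
    cert_matches_key "$cert" "$key" \
        || { echo "FAIL: $key does not match $cert"; return 1; }
    if [ -n "$chain" ]; then
        # -partial_chain: the bundle may hold intermediates without the root.
        openssl verify -partial_chain -CAfile "$chain" "$cert" >/dev/null 2>&1 \
            || { echo "FAIL: $cert does not verify against $chain"; return 1; }
    fi
    echo "OK: web certificate, key and chain are consistent"
    # This directive governs client-certificate verification only.
    echo "INFO: client certificates are verified against: $client_ca"
}

# Run against a vhost file when one is given on the command line.
if [ "$#" -gt 0 ]; then
    check_vhost "$1"
fi
```

Run it as root (the key file is normally not world-readable) with the vhost path as the only argument; a non-zero exit status means Apache would be serving a mismatched or unverifiable certificate.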