All signed purchased SSL certificates replaced with self-signed versions

cpanel Support Request ID 8778891 opened. Did a server migration from 62.x to 64.0.36. One-time after migration, ALL signed purchased SSL certificates were replaced with self-signed versions, and many more "default" subdomains were added to existing accounts which weren't there previously, and there are a lot of self-signed certificates that showed up. Once a day now for three days, other functions like an upgrade from mysql-> mariadb10.1, and a system update, which have nothing to do with SSL certs, causes a subset of the signed certificates to regress back to the self-signed version, and I have to go through and select the signed certificate on each domain. Upon further investigation when re-applying the signed certificates, only certificates that are under "Apache" which is most of our certs, are the ones that are reverting. The few accounts we have with the certificate under the cpanel user account are not reverting. More important than just visiting websites and seeing the warning, users with email using SSL on the newest IOS and Android will stop connecting all together when a self-signed cert shows up; they can't get their email on the phone at all anymore (lots of support calls to verify this). Once we put the signed cert back on the domain/subdomain, the phones connect again with no problems. Some older phones still connect but the user gets the error about a certificate but they can accept and continue on. This is PITA to have to deal with this each day, hoping for a good resolution soon!