If you want to replace the certificate for your hostname with a custom certificate but you had enabled Let's Encrypt, you will need to disable Let's Encrypt for the hostname first. The following command let's DirectAdmin know that it does not need to renew the Let's Encrypt certificate. This is required as DirectAdmin will renew the certificate +/- 60 days after the last renewal, even when the Let's Encrypt certificate is not installed.

rm -rf /usr/local/directadmin/conf/ca.san_config
rm -rf /usr/local/directadmin/conf/cacert.pem.creation_time