That was the issue! My cat command didn’t break the END/BEGIN lines. Thank you for the suggestion. Now I have a different problem …
caddy[445]: 2017/10/31 09:21:01 [INFO] Successfully loaded TLS assets from /etc/ssl/caddy/[domain].pem and /etc/ssl/caddy/[domain].key.pem
caddy[445]: 2017/10/31 09:21:01 [NOTICE] There is already a certificate loaded for [domain].com, so certificate for [[domain].com www.[domain].com] will not service that name
caddy[445]: 2017/10/31 09:21:01 [NOTICE] There is already a certificate loaded for www.[domain].com, so certificate for [www.[domain].com] will not service that name
I edited my systemd file to remove -agree=“true” and restarted, but to no effect. Caddy continues to download a cert into /etc/ssl/caddy/ocsp/