ISE certificate installation/update issue after migration

stephan.ochs
Level 1

I am facing issues with ISE 3.2.0.542 when installing a certificate and binding it to Admin after Backup/Restore-Migration from 2.7 to 3.2.

For testing the migration from 2.7 to 3.2 I set up a "fresh" ISE and substituted the self-signed certificate for Admin with a certificate from our internal CA. The corresponding trusted certificates of our internal CA chain are also installed.
Everything worked fine. ISE restarted, the certificate was bound to Admin and valid.
Let's call it "ISEnew" for further descriptions.

After that, I did a backup of our ISE with version 2.7. Let's call it "ISEold" for further descriptions.
This Backup was restored on ISEnew.
First checks regarding ADE-OS, Deployment, Admin Access, Users/Devices, ...  (visual, no tests yet) seemed to be fine.

Then I looked at the things that I expected would require rework. First the certificates.
Here, as expected, the system certificate of the ISEold (Admin and EAP Authentication) had been replaced by a self-generated one from the ISEnew.
So I reinstalled the certificate for ISEnew, which was already successfully installed before the restore, and bound it to Admin and EAP Authentication.

The ISE reported that it had to restart the application because it was bound to Admin. I was logged out, but there was no restart. The certificate for ISEnew was supposedly bound to Admin, but the self-signed certificate was still used when calling the GUI.
After a long wait during which nothing happened, I restarted the application manually. No change.
Then I reloaded the entire system. No change.

Rebound self-signed cert to Admin and EAP Authen. ISE restart reported, but no restart.
Bound ISEnew cert to Admin. ISE restart reported, but no restart.

Where's the problem? Is there a documented bug? I didn't find any.

2 Replies

What patch on 3.2?  I would install the latest 3.2 patch before spending any more time troubleshooting.

As written above, it is 3.2.0.542 (Patch 6) which is the latest patch for 3.2.0.