If the Admin console and WebUI are still using a self signed cert you most likely still have a copy of the old cert in the java keystore
This will display the contents of the keystore and delete any unnecessary entries. The 5.0.2 upgrade will also automatically correct this bug.
Code:
keytool -list -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password`
keytool -delete -alias tomcat -keystore /opt/zimbra/mailboxd/etc/keystore -storepass `zmlocalconfig -s -m nokey mailboxd_keystore_password`