New client secret not updating in SharePoint online for SharePoint Addin

My client has a custom provider hosted SharePoint Addin.

This is an ASP.NET MVC app that is hosted in their Azure environment. The solution was created using the Visual Studio 2015 SharePoint Addin project template. The solution was successfully deployed into production and working for a year. Unfortunately, no one had realised the initial client secret is only valid for a year.

After a year we suddenly started getting this error.

Invalid JWT token. Could not resolve issuer token.

It turns out this error is thrown when the client secret has expired.

I then followed the guide set out on this page

https://dev.office.com/sharepoint/docs/sp-add-ins/replace-an-expiring-client-secret-in-a-sharepoint-add-in

Using this part of the guide as the client secret had already expired (i.e. I wasn't renewing it, but replacing it)

"Create a client secret that is valid for three years"

Running the Powershell scripts seemed to be successful. I was able to identify that the client secret had expired. I was able to delete the existing one, create the new client and update the ASP.NET application. Running the script again also showed that the new secret had been created and was now valid for 3 years.

I waited 24 hours and then ran the ASP.NET application, but it still returned the same error. I installing the SharePoint Addin into a different site collection and it still had the same error. Also on the details of the SharePoint Addin it says "This App's credentials have expired"

Has anyone had a similar experience or know if the documentation is missing an important step that fixes this.