The SSL Certificate File is a lock.
The SSL Certificate Key File is its key.
Storing the two together is the equivalent of taping your key to the lock on your front door.
If an attacker compromises the single file they have everything they need to successfully impersonate your website (the certificate, and the private key).
This is especially true if you do not have a passphrase on your SSL key (many web servers don't, to allow them to automatically start up in the event of a crash).
What you're defending against by separating the files is an Apache bug that causes it to dump the contents of the SSLCertificateFile
(something that should be publicly available) to a web client.
(To my knowledge no such bug exists, or has ever existed, but Apache is a large, complex piece of software. It's entirely possible.)
If Apache dumps this file and all it contains is the SSL Certificate (the lock) there's no problem: Everyone gets a copy of that certificate when they make an SSL request to the server anyway.
If the file contains the key as well you've blown any chance at security - your entire encryption model is compromised, and you need to change keys.