Expired Certificate Chain when making requests to cdn.jsdelivr.net

Support,
Unsure where to open this request as it is related to a SSL certificate chain that appears to be expired on the CF side. Any direction/ input would be great! Thank you much!

Harold Smith

Customers are reporting browser errors for expired certs when going to CDN for JSdelivr.net (cdn jsdelivr net) -

This appears to be related to cloudflare expired chain certificate for cdn.jsdelivr.net - This expiry appeared to have happened 2 months ago, but only now showing errors in browsers.

openssl s_client -showcerts -connect cdndomain:443
CONNECTED(00000006)
depth=1 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
verify return:0
depth=1 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
verify return:0
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
verify return:0
… (redacted)

Server certificate
subject=/CN=ssl363648 cloudflaressl com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2

Start Time: 1596819304
Timeout : 7200 (sec)
Verify return code: 10 (certificate has expired)

I am not sure where you are connecting here, but it does not seem to be the host in question

$ openssl s_client -connect cdn.jsdelivr.net:443 -servername cdn.jsdelivr.net
CONNECTED(00000003)
depth=2 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign CloudSSL CA - SHA256 - G3
verify return:1
depth=0 C = US, ST = California, L = San Francisco, O = "Fastly, Inc.", CN = f3.shared.global.fastly.net
verify return:1
---
Certificate chain
 0 s:/C=US/ST=California/L=San Francisco/O=Fastly, Inc./CN=f3.shared.global.fastly.net
   i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign CloudSSL CA - SHA256 - G3
 1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign CloudSSL CA - SHA256 - G3
   i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIKbjCCCVagAwIBAgIMDeXpcusHo6Xf3fltMA0GCSqGSIb3DQEBCwUAMFcxCzAJ
BgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS0wKwYDVQQDEyRH
bG9iYWxTaWduIENsb3VkU1NMIENBIC0gU0hBMjU2IC0gRzMwHhcNMjAwNzA4MjIw
NzA5WhcNMjEwNDE3MTU0MjQwWjB3MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2Fs
aWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEVMBMGA1UECgwMRmFzdGx5
LCBJbmMuMSQwIgYDVQQDDBtmMy5zaGFyZWQuZ2xvYmFsLmZhc3RseS5uZXQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1Rd23xDsYUf3wTS2qCu6c2pzE
2GW4SPsj3Ffyd6TCgySnxTxz7JzoJI+2vMc/eApoy2K64X76pmiCitWt6yG60bbU
k+R3ELSbJM37M9EFIzIQkGHmT4vus5IzYeFJ5a+NCtlFYz0XUgF/X8eecgu+UCzH
bV9NBRWwR8qMcX2jtN0mpXFvRs0StUR7jjsmo8RC2Qh+y77CsU1/x94tvFQuX6te
/yJlPT81N97+k4P4ZdULIMsG+nkBzLHwPBxhWpOAs3+mkhZ/yO3I2YGsZkEwnESz
0YV05bKVy242qB5vFsii2TpCq1F3NiX5DleyI2AmliQbpRPOh+tupXmH54AHAgMB
AAGjggcYMIIHFDAOBgNVHQ8BAf8EBAMCBaAwgYoGCCsGAQUFBwEBBH4wfDBCBggr
BgEFBQcwAoY2aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvY2xv
dWRzc2xzaGEyZzMuY3J0MDYGCCsGAQUFBzABhipodHRwOi8vb2NzcDIuZ2xvYmFs
c2lnbi5jb20vY2xvdWRzc2xzaGEyZzMwVgYDVR0gBE8wTTBBBgkrBgEEAaAyARQw
NDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3Np
dG9yeS8wCAYGZ4EMAQICMAkGA1UdEwQCMAAwggSoBgNVHREEggSfMIIEm4IbZjMu
c2hhcmVkLmdsb2JhbC5mYXN0bHkubmV0ggoqLmJlYW0ucHJvgiEqLmNkbmZhc3Rs
eS5lbmRlYXZvcnN0cmVhbWluZy5uZXSCESouY29udGVudHN0YWNrLmlvgggqLmZ0
LmNvbYIKKi5oeWN1LmNvbYISKi5pbm5vZ2FtZXNjZG4uY29tggoqLmlzcG90LnR2
gg4qLmpzZGVsaXZyLm5ldIIOKi5rbmVjdDM2NS5jb22CDioubHVtb3NpdHkuY29t
gg8qLmx1bW9zbGFicy5jb22CCCoubXNmLmVzgg0qLm4zdHdvcmsuY29tgg4qLnBp
cmlmb3JtLmNvbYINKi5wb2x5ZmlsbC5pb4IMKi5zZWVrZXIuY29tgg4qLnNoZWtu
b3dzLmNvbYINKi50aGVkb2RvLmNvbYIXKi50b3BoYXR0ZXItc3RhZ2luZy5jb22C
DyoudG9waGF0dGVyLmNvbYILKi51ZGVteS5jb22CDioudmltZW9jZG4uY29tghJh
cHAuYmlyY2hib3guY28udWuCD2FwcC5iaXJjaGJveC5lc4IaYXBwLnN0YWdpbmcu
YmlyY2hib3guY28udWuCE2Fzc2V0cy5kYWlseWtvcy5jb22CFWFzc2V0cy50cmFi
aWFuY2RuLmNvbYIIYmVhbS5wcm+CDmJpLm1pa3lzcnYuY29tghRidWlsZC5vcmln
YW1pLmZ0LmNvbYIRY2RuLmxhcmVkb3V0ZS5jb22CEGNkbi5tbWdjYWNoZS5uZXSC
FGNvbnRlbnQuZWJpcXVpdHkuY29tggZmdC5jb22CCGh5Y3UuY29tghhpbWFnZS53
ZWJzZXJ2aWNlcy5mdC5jb22CE2ltYWdlcy5kYWlseWtvcy5jb22CCGlzcG90LnR2
ggxrbmVjdDM2NS5jb22CF2xkLXN0Zy5sYXVuY2hkYXJrbHkuY29tghdsZWFybm1v
cmUuZWNvbm9taXN0LmNvbYIMbHVtb3NpdHkuY29tgg1sdW1vc2xhYnMuY29tghBt
LmVtdXBhcmFkaXNlLm1lggtuM3R3b3JrLmNvbYIMcGlyaWZvcm0uY29tggtwb2x5
ZmlsbC5pb4IccHJvamVjdHMuZml2ZXRoaXJ0eWVpZ2h0LmNvbYIOcWEucG9seWZp
bGwuaW+CF3NjcmlwdHMua2lzc21ldHJpY3MuY29tgh1zY3JpcHRzLnN0YWdlLmtp
c3NtZXRyaWNzLmNvbYIKc2Vla2VyLmNvbYIMc2hla25vd3MuY29tghhzdGFnaW5n
LXdlYi5jY2xlYW5lci5jb22CC3RoZWRvZG8uY29tghV0b3BoYXR0ZXItc3RhZ2lu
Zy5jb22CDXRvcGhhdHRlci5jb22CFHVhdC13ZWIuY2NsZWFuZXIuY29tggl1ZGVt
eS5jb22CDHZpbWVvY2RuLmNvbYIMd3d3LmNhdG8ub3JnghV3d3cuY2VudGVyY3V0
Y29vay5jb22CEnd3dy5lbXVwYXJhZGlzZS5tZYIWd3d3LmxpYmVydGFyaWFuaXNt
Lm9yZ4IQd3d3LnBpcmlmb3JtLmNvbTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwHwYDVR0jBBgwFoAUqSuH4c4kRzsbv8+FNwJVnQ2UWOYwHQYDVR0OBBYE
FGgX6MTTb7ojvwj073JCBVHlb7TbMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcA
b1N2rDHwMRnYmQCkURX/dxUcEdkCwQApBo2yCJo32RMAAAFzMHfrPAAABAMASDBG
AiEA7qcasbzCLnpdAUbXh9vOmvpoK9KnkuSttSecOB6j+/UCIQDv6p+EFbrDmGXu
elVlApCWtNM+yCZ1ro0/3Dmu2ThsqwB2APZclC/RdzAiFFQYCDCUVo7jTRMZM7/f
DC8gC8xO8WTjAAABczB36u0AAAQDAEcwRQIhANBQFjx3c4536I/gZZX0TxjB/4tx
xRJNzox93e5qGGQtAiBnrsSV2QYdkdn5gbJcII4BncADCRJOlBBo0VhSe63KfjAN
BgkqhkiG9w0BAQsFAAOCAQEADmwQS7yNnKl+PJTGnV91bwGz9uOIOY5Tk9yj1YXT
rnvLOxdydEhALtO9uF3vHHirIBKPDRMGATCkEbq6HJFZwOdoU3u1Rf5zv0hMOIrK
fydrlmnZ1OTsfnQJyETYIIxcBVxWaGcrQRZpUqWXIVbMqZjQd0F/1H54erBzFs2s
j0QQXfpaXnxN2F/yf4ShXhuAKVe9eHELAQfwWs3vlgh6i49T1G8kudAqkKuJuFKF
6X6sI1rPYKHJeFZSgHJPQtud3GqtlF+phORyxRC9cIfVMZvI8gfKJC9gicjeRoWp
vPej6DHOZN9+0cMsmDMx6+yh9EznbLOuL2iFPkBBkU+Kqg==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=San Francisco/O=Fastly, Inc./CN=f3.shared.global.fastly.net
issuer=/C=BE/O=GlobalSign nv-sa/CN=GlobalSign CloudSSL CA - SHA256 - G3
---

What IP address are you resolving for that hostname?

Trying here -
openssl s_client -showcerts -connect cdn.jsdelivr.net:443

It made me pull all my listed domains because I am a new user.

Full output I am seeing.

CONNECTED(00000006)
depth=1 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
verify return:0
depth=1 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
verify return:0
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify error:num=10:certificate has expired
notAfter=May 30 10:48:38 2020 GMT
verify return:0

Certificate chain
0 s:/CN=ssl363648.cloudflaressl.com
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2
-----BEGIN CERTIFICATE-----
MIIElzCCBDygAwIBAgIQakW7Kp+aJ6XcxoKvn1Vh1zAKBggqhkjOPQQDAjCBkjEL
MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxODA2BgNVBAMT
L0NPTU9ETyBFQ0MgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQSAy
MB4XDTIwMDQwNzAwMDAwMFoXDTIwMTAxNDIzNTk1OVowJjEkMCIGA1UEAxMbc3Ns
MzYzNjQ4LmNsb3VkZmxhcmVzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEY3zao+vB1PV8NFBtSD5W58QFu5JF1E1DcexgAyE+bUjfaEcaOFhV61FYSGk4
PcDhc1iuV7+O+YJQn3tzyw2YpKOCAt0wggLZMB8GA1UdIwQYMBaAFEAJYWfwvINx
T94SCCxv1NQrdj2WMB0GA1UdDgQWBBSop1QOlGVdJBMpCHSPHx1tzJitsTAOBgNV
HQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAlMCMGCCsGAQUFBwIB
FhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwVgYDVR0fBE8wTTBL
oEmgR4ZFaHR0cDovL2NybC5jb21vZG9jYTQuY29tL0NPTU9ET0VDQ0RvbWFpblZh
bGlkYXRpb25TZWN1cmVTZXJ2ZXJDQTIuY3JsMIGIBggrBgEFBQcBAQR8MHowUQYI
KwYBBQUHMAKGRWh0dHA6Ly9jcnQuY29tb2RvY2E0LmNvbS9DT01PRE9FQ0NEb21h
aW5WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EyLmNydDAlBggrBgEFBQcwAYYZaHR0
cDovL29jc3AuY29tb2RvY2E0LmNvbTCCAQIGCisGAQQB1nkCBAIEgfMEgfAA7gB1
AAe3XBvlfWj/8bDGHSMVx7rmV3xXlLdq7rxhOhpp06IcAAABcVW3+fgAAAQDAEYw
RAIgCu23v9y73WkFfmST0z2XNfedrcTZclVtDpXUT3gOVmECIDxiMv7gSX+L5rpC
LyXdLlFzFaorHYhJBkeG+G3t0hukAHUA5xLysDd+GmL7jskMYYTx6ns3y1YdESZb
8+DzS/JBVG4AAAFxVbf6JwAABAMARjBEAiAvebiHK6lZIcXhFndGOAJnz08yNdBJ
osVi68fXsQY/jwIgCTYCWUMIhCixcx51wkkmr6jwpZ0yIIK1HBvUd2cB9BQwJgYD
VR0RBB8wHYIbc3NsMzYzNjQ4LmNsb3VkZmxhcmVzc2wuY29tMAoGCCqGSM49BAMC
A0kAMEYCIQDq9wYhHJNbrv+Y8oW+TE1SnYxkeCjSc5RzR8jydCwY8QIhANnwkd5y
IcG03FxTGENTPkif9pOHEeDICEwv6p6bauNg
-----END CERTIFICATE-----
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Certification Authority
-----BEGIN CERTIFICATE-----
MIIDnzCCAyWgAwIBAgIQWyXOaQfEJlVm0zkMmalUrTAKBggqhkjOPQQDAzCBhTEL
MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwOTI1MDAw
MDAwWhcNMjkwOTI0MjM1OTU5WjCBkjELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy
ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N
T0RPIENBIExpbWl0ZWQxODA2BgNVBAMTL0NPTU9ETyBFQ0MgRG9tYWluIFZhbGlk
YXRpb24gU2VjdXJlIFNlcnZlciBDQSAyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEAjgZgTrJaYRwWQKOqIofMN+83gP8eR06JSxrQSEYgur5PkrkM8wSzypD/A7y
ZADA4SVQgiTNtkk4DyVHkUikraOCAWYwggFiMB8GA1UdIwQYMBaAFHVxpxlIGbyd
nepBR9+UxEh3mdN5MB0GA1UdDgQWBBRACWFn8LyDcU/eEggsb9TUK3Y9ljAOBgNV
HQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAECATBMBgNV
HR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9FQ0ND
ZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDByBggrBgEFBQcBAQRmMGQwOwYIKwYB
BQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET0VDQ0FkZFRydXN0
Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC5jb21vZG9jYTQuY29tMAoG
CCqGSM49BAMDA2gAMGUCMQCsaEclgBNPE1bAojcJl1pQxOfttGHLKIoKETKm4nHf
EQGJbwd6IGZrGNC5LkP3Um8CMBKFfI4TZpIEuppFCZRKMGHRSdxv6+ctyYnPHmp8
7IXOMCVZuoFwNLg0f+cB0eLLUg==
-----END CERTIFICATE-----
2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Certification Authority
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
-----BEGIN CERTIFICATE-----
MIID0DCCArigAwIBAgIQQ1ICP/qokB8Tn+P05cFETjANBgkqhkiG9w0BAQwFADBv
MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF
eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow
gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
VQQDEyJDT01PRE8gRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MHYwEAYHKoZI
zj0CAQYFK4EEACIDYgAEA0d7L3XJghWF+3XkkRbUq2KZ9T5SCwbOQQB/l+EKJDwd
AQTuPdKNCZcM4HXk+vt3iir1A2BLNosWIxatCXH0SvQoULT+iBxuP2wvLwlZW6Vb
CzOZ4sM9iflqLO+y0wbpo4H+MIH7MB8GA1UdIwQYMBaAFK29mHo0tCb3+sQmVO8D
veAky1QaMB0GA1UdDgQWBBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8E
BAMCAYYwDwYDVR0TAQH/BAUwAwEB/zARBgNVHSAECjAIMAYGBFUdIAAwSQYDVR0f
BEIwQDA+oDygOoY4aHR0cDovL2NybC50cnVzdC1wcm92aWRlci5jb20vQWRkVHJ1
c3RFeHRlcm5hbENBUm9vdC5jcmwwOgYIKwYBBQUHAQEELjAsMCoGCCsGAQUFBzAB
hh5odHRwOi8vb2NzcC50cnVzdC1wcm92aWRlci5jb20wDQYJKoZIhvcNAQEMBQAD
ggEBAB3H+i5AtlwFSw+8VTYBWOBTBT1k+6zZpTi4pyE7r5VbvkjI00PUIWxB7Qkt
nHMAcZyuIXN+/46NuY5YkI78jG12yAA6nyCmLX3MF/3NmJYyCRrJZfwE67SaCnjl
lztSjxLCdJcBns/hbWjYk7mcJPuWJ0gBnOqUP3CYQbNzUTcp6PYBerknuCRR2RFo
1KaFpzanpZa6gPim/a5thCCuNXZzQg+HCezF3OeTAyIal+6ailFhp5cmHunudVEI
kAWvL54TnJM/ev/m6+loeYyv4Lb67psSE/5FjNJ80zXrIRKT/mZ1JioVhCb3ZsnL
jbsJQdQYr7GzEPUQyp2aDrV1aug=
-----END CERTIFICATE-----

Server certificate
subject=/CN=ssl363648.cloudflaressl.com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2

No client certificate CA names sent
Server Temp Key: ECDH, X25519, 253 bits

SSL handshake has read 3538 bytes and written 281 bytes

New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-CHACHA20-POLY1305
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-ECDSA-CHACHA20-POLY1305
Session-ID: 57F66B1834653F7BA07D06FA7A155AEAC64720DDDE84754A719FE34532696782
Session-ID-ctx:
Master-Key: 23BD58AD6A7D03F60501E6E5CCB23D668921849E95E9DB5C5BAD77B246D3C12822B8A36F30B1DE5035D9DA50F158B671
TLS session ticket lifetime hint: 64800 (seconds)
TLS session ticket:
0000 - 1f b2 60 e4 c9 57 35 38-99 87 d2 f5 2b bf 04 96 …`…W58…+…
0010 - 32 94 66 6c 4c 03 e3 fb-9e 50 bb 68 4b 4d 42 50 2.flL…P.hKMBP
0020 - 67 0f 99 7f 2e e3 c3 74-22 bf 7e 26 13 f5 e6 ab g…t".~&…
0030 - 42 61 82 72 93 56 08 e6-3c 1c 7b 78 1e 2a a6 46 Ba.r.V…<.{x.*.F
0040 - be bf 3a 05 d8 cd 87 a7-32 cc aa 98 6e c7 ef ef …:…2…n…
0050 - 3e 5a a7 84 d7 11 54 25-a2 c1 63 ea 3b fb 7c a7 >Z…T%…c.;.|.
0060 - 52 f8 54 09 d2 ca 43 6d-36 00 7f 32 27 07 b7 cc R.T…Cm6…2’…
0070 - 1d 45 63 36 bc f8 ad 30-00 30 8f c4 d5 a0 20 f8 .Ec6…0.0… .
0080 - 87 ce 81 1c 6a 8b 6e 26-bb 52 f6 1f d4 e8 5c f1 …j.n&.R…
0090 - c5 0b a7 35 2e 04 47 b1-32 0c 46 47 7b fa 6a 64 …5…G.2.FG{.jd
00a0 - 1b ac fd 9f 15 87 77 07-a9 65 e3 50 d8 fc bd 77 …w…e.P…w

Start Time: 1596819304
Timeout   : 7200 (sec)
Verify return code: 10 (certificate has expired)

No issue either.

Again, which IP address are you resolving?

It can also be seen here:

https://www.ssllabs.com/ssltest/analyze.html?d=cdn.jsdelivr.net&s=104.16.88.20&hideResults=on&ignoreMismatch=on

If you checkout certificate 2.

That’s just an alternative certificate (seems to be the default for non-SNI)

You probably best open an issue at https://github.com/jsdelivr/jsdelivr/issues

Will do!

Kinda felt like a CF issue as much of that stuff is shared on the CF side. I will open a ticket with them! Thanks for your fast reply!

This topic was automatically closed after 14 days. New replies are no longer allowed.