Expired SSL certificate randomly picked

Answer these questions to help the Community help you with Security questions.

What is the domain name?

Have you searched for an answer?
Oh yes.

Please share your search results url:

When you tested your domain using the Cloudflare Diagnostic Center, what were the results?
Sometimes certificate_expired - The website has a certificate that has expired.
Sometimes Looking good

Describe the issue you are having:
After renewing the Let’s Encrypt certificate, the previous one gets picked for requests.
When loading the site resources, the expired SSL certificate get picked at random for the indivdual requests, leading to the entire site being declared as unsafe, or single resources (CSS & JS) not being loaded.

What error message or number are you receiving?

Your connection is not private

Attackers might be trying to steal your information from eye-t.lu (for example, passwords, messages, or credit cards). Learn more


What steps have you taken to resolve the issue?

  1. Renewing the Let’s encrypt certificate
  2. Revoking the current certificate and generating a new one
  3. Bothering the server provider. He blames Cloudflare.
  4. Swearing

Was the site working with SSL prior to adding it to Cloudflare?

What are the steps to reproduce the error:

  1. Open the browser debugger and refresh the site using Ctrl +F5
  2. The page will load fine, the privacy error page will randomly pop up or some NET::ERR_CERT_DATE_INVALID errors will show in the browser

Have you tried from another browser and/or incognito mode?
I’ve tried it on Firefox, Chrome & Edge. I’ve installed and tested on Brave to make sure no browser cache shennanigans a responsible.

Please attach a screenshot of the error:
Never mind the different URL. Both sites are affected.

Your DNS record is not :orange:. This means that the traffic is not going through Cloudflare. This is an issue on your origin server.


Hey @Cyb3r-Jak3, thanks for your reply.
I updated the A-records and activated the Cloudflare-on-Website-option (why that was off is beyond me), the DNS-Checker-entries look better now.
The error still pops up every now and then, but I’ve the impression that it’s not as often as before. Might be a caching issue that resolves itself?

This would be my guess. Some DNS caching, that takes a bit to propagate out.

Error NET::ERR_CERT_DATE_INVALID can be fixed by clearing SSL cache. You can give this simple, straightforward strategy a try.
As you hold down the Win key and the R key, the Run prompt will open.
Enter the command inetcpl.cpl into the Run window.
Select the Content tab.
Clear SSL status by clicking.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.