I use Full encryption mode on my domain, and I want to know, if my server had a valid SSL certificate, can someone still pose as my server and intercept traffic? since Full mode does not check for expiration date, neither for a valid SSL certificate, it just enctypts if available
For the reasons explained here, you need to use “Full (strict)” (or “Strict”) and a valid SSL certificate on your origin. Nothing else is secure.