If you never used the current certificate it won’t be involved in the connection setup either and your visitors won’t get an error either (of course they might get an error for another reason, but that won’t be Origin certificate related).
Also, the cURL error is SSL related but as you shouldn’t be directly connecting to your origin in the first place (otherwise you will get an unknown CA error - that might be even that 35 one) you shouldn’t get any such errors in the first place as you’ll be only hitting the proxy and its certificate.
At this point I would recommend to
- revoke the current certificate
- have a new one issued
- keep the private key
- configure everything on your origin
- make sure you have Full Strict as encryption mode
- check if the DNS record in question is proxied as it has to be proxied
If you still get any SSL errors when connecting to the proxy, make sure the proxy certificate is in place and that your minimum SSL version is not too high (should be 1.2 or lower).