I’ve got a user reporting an invalid certificate when accessing the videodelivery.net domain for hosted Cloudflare videos. On further inspection of the certificate being issued it presents as:
After more investigation this seems to be an HSTS related error. I assume at some point they didn’t MITM the certificate and the user accessed the site. Now they’ve injected their own cert and it’s breaking.
