Rekeyed wildcard custom cert randomly gets old cert

We had to rekey our wildcard cert and updated it in the custom domain settings. It’s a godaddy cert. Probably is sometimes we still get the old cert. It’s been over 72 hours and the old cert still appears sometimes when you access the site. We manage our DNS through an external provider and our TTL for our CNAME are only set to an hour. All affected sites are subdomain sites on our main wildcard domain.

Example of issue:

while true; do curl -k -svo /dev/null https://galleries.photoday.io 2>&1 | grep -E '(Trying)|(start date)'; sleep 1; done

You can see sometimes the old cert appears (Issued April 22) and sometimes the new cert appears (Issued April 30)

Not sure what steps to take to invalidate this old cert and get all server instances using the latest.
The problem is that with a rekey, godaddy actually revokes the old cert. Netlify is thinking its still valid I believe because of the expiration but it is not. Certain browsers and client configurations are rejecting it. We run an ecommerce site so every hour this is down it could be costing us a lot.

Hi, @photoday. I replied to your support ticket about this. Please reply there if there to continue troubleshooting this (or here to let us know if you don’t see the email for the support ticket).