We recently (Last week) moved from custom managed SSL certificates over to the automatic SSL certs provided by Netlify. This went largely without hitch and the Netlify UI indicates that is indeed using those certificates.
Unfortunately it appears that Netlify was still serving the old certificates, albeit intermittently. This caused a production outage due to the old certificates expiring and required us to deploy the website in a separate location to avoid more downtime for our customers.
The first thing we did was attempt to move back to another SSL certificate provider, ZeroSSL as we had reached the limit for the LetsEncrypt certs. This also failed and the nodes were still serving the old expired SSL certificates
Our application url: https://fr-homepage-v2.netlify.app/
It’s important to note that the certificate was being served correctly from the url above. However it was not serving the correct certificate from our custom domain: https://www.ovoenergy.fr
I have the request id headers, these are roughly in order.
A successful response with the new certificate:
x-nf-request-id : 8c021202-2879-418f-b873-dc223e0a4390
Followed by requests serving the old certificates:
x-nf-request-id : 1875f18a-a5fe-4805-88e8-b2cabb92f567
x-nf-request-id : 2ccd3d7b-cc47-4056-b5f6-545975fef987
x-nf-request-id : d796f2e0-673a-402a-b2cb-cab65248fe3c
We’d like to validate that this is fixed before we move the DNS back to our main domain.