So, we have a domain certificate on our site.
Initially, I noticed problems with the site sometimes giving cert errors when visiting for the first time.
Since then host has fixed this, and online SSL checks all appear OK.
However, recently I tried running from a linux box:
openssl s_client -connect domain.com:443
and the last line which comes back says:
" Verify return code: 10 (certificate has expired)"
Doing a qualisys online check, the score that comes back is B, al the other checks are ok.
I have a hunch that using openssl command uses a particular cypher which causes the server to use an out of date certificate.
I noticed similar behaviour from android virtual machine where “certificate has expired” warning comes up. All modern browsers appear not to see this error, or this out of date certificate.
Any ideas how I can troubleshoot this?