How do you clear SSL leaf certificates mappings to particular domains

keychain certificate ssl

There's no caching of SSL-certificates like this. It is not a caching issue on the client.

The problem here is with the server - it presents the wrong certificate (from your point of view).

The reason that some clients see one certificate and others see another is most probably due to CDN and/or load-balancing, which means that you're not really hitting the same endpoint. It sounds likely that the server is using persistent connections (aka sticky sessions) which means that your MacBook sees one thing, but your iPhone and Windows 10 machine another thing.

This is something you need to solve at the server level. It hasn't got anything to do with your Mac as such.


So, it turns out what happened was that I mapped the domain to specific IP in my local /etc/hosts file. It was pointing to a CDN node that was serving up the old certificate. Once I removed the entry, it was pointing to a new node with the correct certificate.

Related

iCloud in iOS and mac os require my phone password to log into icloud on my mac? Since when?
Can I use 2019 iMac as monitor for Wii/Wii U?
How can I export drawing from Notes to an image with background on an iPad?
How to disable auto password filling (Keychain) while in private browsing mode in Safari?
Is there a way to enable Two-factor authentication for my apple id without any physical device? [duplicate]
How to make a "you have a new memory" movie with my own choice of photos and videos?
Disk utility free space doesn't match Apple > About this Mac > Storage [duplicate]
status line in iterm integrated with tmux
Problems with using HP 27fw external display on a MacBook Pro when running macOS
RAM upgrade for an iMac 27" 2017 used for video-editing, compression and audio recording
Looking for Encryption application
Fix permissions in Apache