Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My hosting provider, if applicable, is: Digital Ocean
I can login to a root shell on my machine (yes or no, or I don't know): I don't know
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Digital Ocean
I've had no problems with my SSL on this site for the last 5-years or so, but in the last few months the browser has started showing an error: YOUR CONNECTION IS NOT PRIVATE - and the SSL in the browser shows as having expired.
However, if I refresh the page a few times, or start a new session on the site, then it will work and will show an SSL that expires in several months' time.
The problem happens intermittently, but frequently - on multiple browsers and separate devices.
My own technical knowledge is limited so I'm hoping someone might have some simple suggestions!
Thanks
Your certificate is only valid for www.footstepstravelblog.com but you redirect to footstepstravelblog.com (no www.) And that's using an expired certificate.
You should fix your redirect not to change the domain name, and you should probably also expand your certicifate to include footstepstravelblog.com without www.
% curl -IL4 www.footstepstravelblog.com
HTTP/1.1 301 Moved Permanently
Date: Thu, 28 Dec 2023 14:35:41 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://footstepstravelblog.com/
Content-Type: text/html; charset=iso-8859-1
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
I can easily reproduce the problem you describe. This is most likely caused by one of your Apache worker processes becoming "stuck".
Just restarting Apache is not enough to fix this usually. A restart of the entire server is usually needed. If that is not possible you can just look for and kill the offending process. But, this takes some skill and you say yours is limited.
There is no need to get a new cert. Just one of these workers is using a much older cert.