Yesterday I ran into an odd issue at a client site. One of their websites in IIS 6.0 (Win 2003 SP1) was recently updated with a renewed Thawte SSL certificate. When I try to log into the web site locally using SSL, the site shows the updated certificate. When I try to log into the web site from the internet I am still seeing the expired cert. I removed the cert from IIS and the certificate store, restrated IIS, and then tried importing the cert, but still no luck. The web servers are load balanced, but the client swears they do not do any SSL acceleration and that the certs have always been stored on the web servers.
The strange thing is, when I remove the SSL cert from IIS and turn off the SSL port the problem still occurs from the internet. Locally, the SSL site is unavailable.
Any help is greatly appreciated.