如题，今天无法在命令行访问自己的网站，故 curl https://blog.cxzlw.top，得到如下结果

curl: (60) SSL certificate problem: unable to get local issuer certificateMore details here: https://curl.se/docs/sslcerts.htmlcurl failed to verify the legitimacy of the server and therefore could notestablish a secure connection to it. To learn more about this situation andhow to fix it, please visit the webpage mentioned above.

随后 openssl s_client -connect blog.cxzlw.top:443 -showcerts 发现：

Certificate chain 0 s:CN=cxzlw.top   i:C=US, O=CLOUDFLARE, INC., CN=Cloudflare TLS Issuing ECC CA 1   a:PKEY: EC, (prime256v1); sigalg: ecdsa-with-SHA256   v:NotBefore: Jun 12 20:44:39 2025 GMT; NotAfter: Sep 10 20:50:19 2025 GMT 1 s:C=US, O=CLOUDFLARE, INC., CN=Cloudflare TLS Issuing ECC CA 1   i:C=US, O=SSL Corporation, CN=SSL.com TLS Transit ECC CA R2   a:PKEY: EC, (prime256v1); sigalg: ecdsa-with-SHA384   v:NotBefore: Oct 31 17:17:49 2023 GMT; NotAfter: Oct 28 17:17:48 2033 GMT 2 s:C=US, O=SSL Corporation, CN=SSL.com TLS Transit ECC CA R2   i:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services   a:PKEY: EC, (secp384r1); sigalg: sha256WithRSAEncryption   v:NotBefore: Jun 21 00:00:00 2024 GMT; NotAfter: Dec 31 23:59:59 2028 GMT

注意这里的 AAA Certificate Services 已经自今年 4 月 5 日被弃用 Enhancements to Root CA and Hierarchies - Sectigo

网络搜寻关键词 cloudflare AAA Certificate Services 发现类似情况