Cloudflare 返回无效的中间证书

如题，今天无法在命令行访问自己的网站，故 curl https://blog.cxzlw.top，得到如下结果

curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: https://curl.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the webpage mentioned above. 

随后 openssl s_client -connect blog.cxzlw.top:443 -showcerts 发现：

Certificate chain 0 s:CN=cxzlw.top i:C=US, O=CLOUDFLARE, INC., CN=Cloudflare TLS Issuing ECC CA 1 a:PKEY: EC, (prime256v1); sigalg: ecdsa-with-SHA256 v:NotBefore: Jun 12 20:44:39 2025 GMT; NotAfter: Sep 10 20:50:19 2025 GMT 1 s:C=US, O=CLOUDFLARE, INC., CN=Cloudflare TLS Issuing ECC CA 1 i:C=US, O=SSL Corporation, CN=SSL.com TLS Transit ECC CA R2 a:PKEY: EC, (prime256v1); sigalg: ecdsa-with-SHA384 v:NotBefore: Oct 31 17:17:49 2023 GMT; NotAfter: Oct 28 17:17:48 2033 GMT 2 s:C=US, O=SSL Corporation, CN=SSL.com TLS Transit ECC CA R2 i:C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services a:PKEY: EC, (secp384r1); sigalg: sha256WithRSAEncryption v:NotBefore: Jun 21 00:00:00 2024 GMT; NotAfter: Dec 31 23:59:59 2028 GMT 

注意这里的 AAA Certificate Services 已经自今年 4 月 5 日被弃用 Enhancements to Root CA and Hierarchies - Sectigo

网络搜寻关键词 cloudflare AAA Certificate Services 发现类似情况