curl https 访问ssl失败

*   Trying 106.14.340.252...
* TCP_NODELAY set
* Connected to log.xx.com (106.14.340.252) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS alert, certificate expired (557):
* SSL certificate problem: certificate has expired
* Closing connection 0
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

使用curl访问一个https网址的时候，出现了上面报错，访问失败。说是网站证书过期，但是查看网站证书并没有过期，而且浏览器访问都正常。

解决：

一个因CA根证书过期引起的故障

Sectigo/Comodo 根证书过期的解决办法

为什么HTTPS中证书链不完整，有的客户端访问正常，有的会报错？