We are running 2 x BM 3.8 (SP5 IR1) on a 6.5 (SP7) servers
We CNLTRUST key which runs when a user logs into the network
we use a proxy.pac file to split/balance proxy use.

recently one of our BM Servers SSL Certificates expired (both IP & DNS)

this seemed to be causing very strange internet access on that server. Users would goto a website and once they got passed the home page they were given a server certificate error and then re-directed to the BM login screen which said they were already logged in.

I ran PKIDIAG which found (and when ran in repair mode) fixed the 2 errors which were the expired certificates.

After a restart and waiting for a short while everything returned to normal.

But the problem is now re-occurring

Any pointer or advice would be appreciated.