We have an e-commerce site that uses certificates from Thawte, we had our certficate renewed in October. If you access https-pages from IE6 you get a warning that the certificate has expired, if you look at the expiration date it's actually the old certificate. Now, this doesn't happen at all when accessing the page from IE7.
This happens when accessing the page from ANY computer with IE6 so it can't be that the certificate is cached locally.
Is it YOUR certificate that has expired, or an upstream Thawte cert? My first guess is that computers with IE6 have on older list of trusted certs, whereas for IE7, a new list of trusted certificates has been downloaded.
It's our certificate that has expired, however I've found the problem. There was some code emitted to IE6 users only for a tracking script, this code downloaded an image from a different sub domain under our domain. This sub domain had not had it's certificate updated. Wasn't easy to track down, but once you find it it's like d'oh!