The only explanation I have for you sounds like this:
You’re using a complex setup.
I run my discourse behind an nginx reverse proxy
I followed a guide here on meta to configure my proxy
It said that you have to terminate ssl to rp and forward requests to Discourse over port 80 (or socket in my case)
What I know of the internet is that You can’t reverse proxy SSL certificates.
That’s the best I have for You, can’t help any more than that.
EDIT: this is the guide I’m talking about: Adding an offline page when rebuilding