Update 2017-08-11: Results from Censys revealed the first one was Precert, and the second one is the actual certificate.
When I was renewing my Comodo certificates, I decided to use other CA, for no apparent reasons. (You know, things are not always decided logically.) I chose RapidSSL because it was not that expensive (just $1 more expensive than Comodo) from the reseller.
So I paid the bill, did the DV, and then got the certificate. It had CT logs embedded in it, and it appeared on crt.sh/50101894. And few days later, crt.sh/50901135 appeared, with the exact same certificate data, with same serial number and completely new SHA1/SHA256 hashes. Both certificate has same serial number of
It does not seem to be specific to my case, see Korean Air for example – the original certificate has CT date
Mon, 20 Jun 2016 05:00:04 GMT with crt.sh/22661466, and there’s one more new entry for crt.sh/23006552. Even RapidSSL’s official web site has this issue – crt.sh/6475072 and crt.sh/6495675 both have same serial number of
I don’t know why this happens, and if this is known problem or something is happening but it’s worth logging so.. :P