Is your MWG using NTP to sync its clock? "Expired" certificates could also indicate the start date/time has not been reached yet.
That site just installed a new certificate last Friday. Maybe it was expired when you encountered the issue?
If it happens again, try to capture it using Rule tracing central. You should be able to get a value of what the MWG thinks the SSL.Server.Certificate.DaysExpired is when it occurs.
I think they install a new cert on a regular basis (not sure why) as I say I have this issue a few times per month normally, how did you find out the cert was renewed ? sorry for asking noob questions but I'm not too familiar with certs etc etc.