In addition to cached redirects, HTTP Strict Transport Security (aka HSTS) may be at play. HSTS is a security feature that forces the browser to use HTTPS even when accessing an HTTP URL.

The browser will start using HSTS for a domain after receiving a Strict-Transport-Security header from the server. The browser also ships with a list of domains for which HSTS is enabled by default.

In Chrome, there is a way to delete your domain from HSTS after it was added by the server. Though, you can’t exclude domains that are baked in the browser (this includes popular websites and notably everything under the new .dev TLD)

Go to chrome://net-internals/#hsts. Enter example.com under Delete domain security policies and press the Delete button.

Now go to chrome://settings/clearBrowserData, tick the box Cached images and files and press click the button Clear data.

already known bug. And very nasty. As i can see internally no fix ready yet.

Unofficial workaround:
Open in Vivaldi's address field chrome://flags/#https-upgrades
Set to Disable
Restart Vivaldi

⚠ Flags settings are always very experimental, unofficial and can cause other issues.

I hope you can remember much later that you made such changes when something is wrong.

Script to create (1) a local certificate authority, (2) a host certificate signed by that authority for the hostname of your choice

While Let’s Encrypt and its API has made it wonderfully easy for anyone to generate and install SSL certificates on their servers, it does little to help developers with HTTPS in their development environments. Creating a local SSL certificate to serve your development sites over HTTPS can be a tricky business. Even if you do manage to generate a self-signed certificate, you still end up with browser privacy errors.

In this article, we’ll walk through creating your own certificate authority (CA) for your local servers so that you can run HTTPS sites locally without issue. //

dobes_vandermeer

I put this all together in a shell script you can run: https://gist.github.com/dobesv/13d4cb3cbd0fc4710fa55f89d1ef69be

Third-party-Tools to check your configuration

Use this server to make DNS queries against an Unbound instance and get logs. The Unbound instance is configured very similarly to Let's Encrypt's production servers, and is started fresh for each query so there are no caching effects.

It’s not NTP. There’s no way it’s NTP. It was NTP

Let's Debug is a diagnostic tool/website to help figure out why you might not be able to issue a certificate for Let's Encrypt™.

Certbot is a free, open source software tool for automatically using Let’s Encrypt certificates on manually-administrated websites to enable HTTPS.

See this page fetch itself, byte by byte, over TLS

• This page performs a live, annotated https: request for its own source. It’s inspired by The Illustrated TLS 1.3 Connection and Julia Evans’ toy TLS 1.3.
• It’s built on subtls, a pure-JS TLS 1.3 implementation that depends only on SubtleCrypto. Raw TCP traffic is carried via a serverless WebSocket proxy.