Cert expiry does not work anymore after updating from 0.86.4

I have configured a Let’sEncrypt certificate and the Cert Expiry sensor, which did work well for several month. After I did the HA update (I assume, that’s not the reason but I did recognize at that time) I recognized, that the sensor does not work anymore.

The error I see is Cannot connect to catdog.myfritz.net
When I fire curl -I https://catdog.myfritz.net, the result shows:

HTTP/1.1 405 Method Not Allowed
Server: nginx/1.14.2
Date: Fri, 22 Mar 2019 07:53:52 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 23
Connection: keep-alive
Allow: GET
Strict-Transport-Security: max-age=31536000; includeSubDomains

As you can see, I’m running nginx as a reverse proxy.
Maybe someone can give hints where I have to figure out, why it does not work anymore?
Here my /etc/nginx/conf.d/catdog.myfritz.net.conf:

server {
    listen 443 ssl default_server;
    server_name catdog.myfritz.net;

    # SSL
    ## Activate SSL, setze SERVER Zertifikat Informationen ##
    # Generiert via Let's Encrypt!
    ssl on;
    ssl_certificate /etc/letsencrypt/live/catdog.myfritz.net/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/catdog.myfritz.net/privkey.pem;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_prefer_server_ciphers on;
    # unsichere SSL Ciphers deaktivieren!
    ssl_ciphers    HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!RC4;

    ## Blocken, wenn Zugriff aus einem nicht erlaubten Land erfolgt ##
    if ($allowed_country = no) {
        return 403;

    # HSTS
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

    # global
    root /var/www/catdog.myfritz.net;
    index index.php index.htm index.html;

    # Weiterleitung
    location / {
        proxy_pass http://localhost:8123;
        proxy_set_header Host $host;
        #proxy_redirect http:// https://;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_intercept_errors on;

Nobody an idea what I could check to make it work again?

I am also using a reverse proxy in front of my HASSIO instance. I haven’t tested this with other Linux distros. In case anybody else is interested, this tiny sensor works great for me and provides the certificate expiry date of the reverse proxy, but it should work for any server specified … just replace the x.x.x.x with the reverse proxy’s IP:

  - platform: command_line
    name: Proxy Cert Expiry
    command: echo | openssl s_client -connect x.x.x.x:443 2>/dev/null | openssl x509 -noout -enddate | grep 'notAfter=' | cut -d "=" -f 2-5
    scan_interval: 86400

the scan_interval of 86400 checks the expiry date every 24 hours … no need for a higher frequency. The sensor info is populated immediately after a reboot, too.

In my customization, I changed the icon to mdi:certificate to improve the appearance.