Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
All of my server are saying the root cert r3 has expired yet the cert are fine. I note that you've updated this, but when I update my local cert its still keeping the same root cert from lets. Do I have to completely reinstall or is there a command or script that you've made to update the root certs.
My certificates are showing as expiring in Nov (last renewal worked), and if I access the website via Firefox on Mac OS is shows the correct certificate.
However, accessing my mail server on the same domain I get an "untrusted" message.
That message (same on iOS) is showing the certificate as having expired 29/09/2021 20:21:40 GMT+1 (BST).
"root certificate used by Let’s Encrypt to sign client certificates will lose its validity on this day (expiry of Intermediate R3 on 2021/09/29 at 19:21:40 GMT – the DST Root CA X3 expires on 2021/09/30 14:01:15 GMT)"
Which operating system and mail server product are you using?
If you have a certificate configuration file and you are using certificate files as pem format, is it pointing to the fullchain.pem file? If you just server your leaf certificate without the full chain then the clients will resolve the R3 themselves and they may only know the expired one.
)