ISRG Root X1 not supported on ios 9.3.5

One thing to clarify or reiterate, either for @cheebase or future readers of this thread:

If you're the owner of an older device, you can personally manually add ISRG Root X1 to most older devices' root CA stores, if those devices didn't ship with it.

(these are two different formats for the exact same file; some software might prefer one or the other format)

Doing this allows an individual device to continue to trust sites that are using Let's Encrypt certificates.

On the other hand, if you are the administrator of a web site using Let's Encrypt, there's nothing you can do on the server site to allow all of your users on older systems (like iOS 9) to continue to access your site. (You can try to persuade individual users to manually install the ISRG root certificate, but particular users may or may not hear about or understand this suggestion, and may or may not be willing or able to follow it.)

Edit: I should also point out that I don't personally have an iOS device or know exactly how to do this on iOS 9. Although it should be possible in principle, I don't know that it's as simple as just downloading this file and following a few prompts or anything.