It sounds like your TV Browser does a poor job of validating certs. You could consider using the "short chain" for Let's Encrypt. Or, you may have to switch to another free CA which your TV understands.
The "short chain" is selected using the --preferred-chain 'ISRG Root X1' on your certbot command line. You could also manually remove the last cert in the "fullchain.pem" as a test. That gives the same effect as the "short chain"
The --preferred-chain option needs Certbot v1.12 or later.