From what I can tell, @Lorance is just a linux admin that is probably with a company that is hosting the backend for the devices. Based on this situation, the device developer's ability to update the devices - and competency - is questionable.
From Temp support for X1? Lost access to large number of devices - #39 by Lorance
Many devices run:
- PolarSSL/1.3.14 , which dates back to Jan 27, 2014
- they are supposed to be running openwrt ca-bundle - 20200601-1, but @jsha noticed they have a Mozilla bundle from 2015 (with a 2019 date?!?!), so X1 isn't even in it
Multiple ISRG/LetsEncrypt and Certbot Engineers - in addition to some of the best community members - tried to help in that post.
Lots of devices with lots of different trust roots. It's going to be increasingly harder to keep all of them happy. Attrition is guaranteed in every scenario, the question is finding which options will enable the largest amount of devices.