Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
@snvs I am able to view your site with modern browsers.
The default chain your server uses is the same as the one used by this website and has an expired DST Root CA X3. This was done to provide support for older Android clients. While helping those it has caused issues for others - mostly older other devices. The expiry of DST has itself caused issues for clients that do not trust the ISRG Root X1 even though it has been around since 2015.
Here are some options to address the clients you need to support.
You could switch to the so-called 'short chain' that omits the DST cert which can be easily done with Certbot v1.12 or later. (losing best support for older androids).
Instruct people with the error how to update their system to access any server using the chain with DST Root CA X3 or ISRG Root X1
Switch to a different CA (Certificate Authority)
There are many threads in this forum discussing these topics. Here are a few to get you started. Also, it would be helpful if you could provide more details of the specific browser and operating system versions of the clients having trouble. As I noted, your site uses the same cert chain as this site and many people access this fine.