I am still confused about this, i am sry if this is a stupid question: Would changing the certificate chain help a client that doesn't have ISRG Root X1? E.g. a client with Windows 7 that has never been updated via windows update and is out of date?
Also this "lazy-loading" that has been mentioned: Is this possible and how does it work? This Post (Microsoft Windows Root Certificate Lazy-Loading) does talk about visiting https://valid-isrgrootx1.letsencrypt.org/ and lazy-Loading the cert but from my testing this does nothing and the page does not load on a client that does not have the current root.