GrantG

I've manually renewed the Let's Encrypt certificates in question now and the optional expired path in the chain has now gone. This should resolve the client issue with ESET for us although I do question if it should have been necessary as the certificates were still valid. Anyway, I hope this helps.

This will be due to the Let's Encrypt "DST Root CA X3 DST" certificate authority expiring on the 30th September. We have the same issue with 1 of our customers who use ESET Endpoint Security. None of our other customers have issues. Even though our certificate is valid ESET gives the same error and prevents access because one of the 2 paths has now expired. Seems to be that ESET doesn't check the new/current cert authority "ISRG Root X1" for the multi-path Let's Encrypt certs, or something like that. I am going to renew our certificates early to remove reference to the old cert authority to see if that fixes the issue.