GrantG

I've manually renewed the Let's Encrypt certificates in question now and the optional expired path in the chain has now gone.  This should resolve the client issue with ESET for us although I do question if it should have been necessary as the certificates were still valid.  Anyway, I hope this helps.

Hi.
One of our customers is getting a lot of "Certificate Revoked" errors from ESET Antivirus since 1.10.2021. Accessing these sites not via ESET does not show any problem. What seems to be common to all these sites is that they are using Let's Encrypt and OCSP Stapling.
Here is one example: https://app.softgarden.io
Any ideas how to track down the problem.
THX a lot.

This will be due to the Let's Encrypt "DST Root CA X3 DST" certificate authority expiring on the 30th September.  We have the same issue with 1 of our customers who use ESET Endpoint Security.  None of our other customers have issues.  Even though our certificate is valid ESET gives the same error and prevents access because one of the 2 paths has now expired.  Seems to be that ESET doesn't check the new/current cert authority "ISRG Root X1" for the multi-path Let's Encrypt certs, or something like that.

I am going to renew our certificates early to remove reference to the old cert authority to see if that fixes the issue.