Let's encrypt root certificate has expired and Android system has not updated it. Use a TLS certificate from some other authority.
According to Let's Encrypt documentation, only Android devices prior to version 7.1.1 will have any issues whatsoever. I am on Android 11. So this seems less likely to happen.Let's encrypt root certificate has expired and Android system has not updated it. Use a TLS certificate from some other authority.
Thats how its supposed to work but apparently its a mess on android. DoT is part of the base system and doesnt trust the default system certificate store. it uses its own store which hasnt been updated(I dont know if there is even a way to update it without involvement from manufacturer/oem) and broke after letsencrypt tried to fix it on 30th September 2021.@vishalrao I understand how the SSL certificate works. Lets Encrypt docs say that Android versions greater that 7.1.1 should trust the new root CA Cert by default. Besides I am not sure if you can update the trusted root ca on Android.
If I understand correctly, @royalroy switched to a different issuer. Please correct me if I am wrong!