After the latest DST X3 certificate issue. All of my Let's encrypt certificats is not being validated correctly on my Sophos XG. Everything updated to latest version.
I've tried to remove the Let's Encrypt R3 certificates. Re-upload the new ones. Followed all guides available. But still my issue persists.
All my iOS devices accessing WAF sites from the outside, still pukes saying the certificate is expired on 29th september. Even though I've reissued completely new certificates and removed everything i could finde delated to DST...
What on earth is going on?
I could solve it by SSH-->Advanced shell, check all certificates in folder /conf/certificate/cacerts.
In my situation this folder contained a lot of imported ca certificates that didn't show in the web…