Today's issue is caused by an expired root CA certificate, used to sign server certificates issued by Let's Encrypt. This certificate expired at 10AM EDT today, September 30th. There can be two classes of issues which can cause your customers to not be able to connect to your site due to this certificate's expiration. The first is because the client device or OS has not been updated to include updated CA certificates. The second is because the client device or OS relies on underlying libraries which fail as soon as they see the expired CA certificate from the server, regardless of the presence of non-expired alternatives.
1. Remove the DST Root CA X3 from your server. If you do this, your server will stop sending this as an option to clients, and clients won't attempt to validate it.
2. Enable ignore SSL errors in your Catchpoint tests.
Alternately, Catchpoint engineering is working on updating the monitors which rely on our older HTTP stack. We will update on their progress when we have more information.
Some more information on this topic:https://community.letsencrypt.org/t/help-thread-for-dst-root-ca-x3-expiration-september-2021/149190/211https://www.bgr.in/features/internet-to-stop-working-for-select-uses-from-today-why-who-will-be-affected-what-to-do-1011330/https://marketresearchtelecast.com/lets-encrypt-certificates-stuttering-possible-on-september-30th/164576/https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/