A few days ago Let’s Encrypt root certificate was expired. It was planned and announced: https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ in advance but still, some side effects exist.

For example, macOS 10.14 can’t connect to anything which is used Let’s Encrypt SSL.

The good news is that it is quite easy to fix. Just run:

This simple code is removing an expired certificate.

The root cause of this issue is a bug inside LibreSSL which was used in macOS 10.14 and cross-self-signing between roots Let’s Encrypt’s root CAs.