If you recently upgraded to pfSense 2.5, you may have received notifications about some CA/Certificate entries lose to expire. The exact message would be something like “The following CA/Certificate entries are expiring: Certificate Authority: Acmecert: O=Let’s Encrypt, CN=Let’s Encrypt Authority X3, C=US”
The fix is quite simple, just visit System >> Cert Manager >> CAs and find the entry “Acmecert: O=Let’s Encrypt, CN=Let’s Encrypt Authority X3, C=US”. You will see a “Valid until” in yellow, with a near by date (less than 30 days, usually). Note also there is a “X3” in the CA name. Just click on Delete (trash bin icon) and confirm click on Ok.
This is safe to do because you have another CA for Let’sEncrypt which contains “R3” in the name. Something like “Acmecert: O=Let’s Encrypt, CN=R3, C=US”
That is it, have fun!