Assuming you read the title of this article, it is very likely you are running the same setup I am: pfsense with haproxy as reverse-proxy for various webservices hosted from a single shared (probably domestic) IP, together with globaly trusted LE-Certs (that was a long one).
If you do so, you might have encountered the same problem as I do: The old intermediate CA (the one with R3 in the name) of LetsEncrypt is expiring, and pfSense (note that this currently only applies to 2.5.x, in 2.4.5 a different intermediate was used, and 2.4.5 did not notify you about the expiry) will send you mails (if properly configured) and notifications one month prior to expiry:
Notifications in this message: 1
3:01:01 The following CA/Certificate entries are expiring:
Certificate Authority: Acmecert: O=Let's Encrypt, CN=R3, C=US (60075fb1d29a4): Expiring soon, in 26 days
If you search this problem, the general advice is „just delete the old CA“, but I woudn’t, because you might experience a bad wake-up, at least if still certs are bound to the old intermediate…