Fix Expired CA Certificates
When browsers and players connect via HTTPS, users must get a valid certificate from the server to authenticate a website. The server certificate is issued and validated by a Certificate Authority certificate. These CA certificates have an expiry date, as do all the certificates in the chain that were used to sign it. The certificate on the server may still be valid, but if the root certificate or any other certificate in that chain that signed it expired, you must get a new certificate to protect your server which now has unexpired certificates for each step in the chain to the root CA.
BrightSign recommends that users keep their OS updated. Since BrightSign trusts more current lists of CAs, you will have less chance of encountering certification problems.
If you need to fix this problem, ask your IT department to obtain a new SSL certificate for you and have them install it on the server.
These references provide further information about this issue:
The Impending Doom of Expiring Root CAs and Legacy Clients
Let's Encrypt's root certificate has expired, and it might break your devices | TechCrunch