If half the websites you go to on your Mac say the certificate has expired, and this problem started in 1st October 2021, you may need to manually update the Root Certificates in your Keychain. The cause is likely to be that Let’s Encrypt uses a certificate that expired 30th September: DST Root CA X3.

I couldn’t find a way to remove this old certificate from my Mac but the fix was to open Apple Keychain Access and manually install a new Root Certificate.

First download the new certificate from this link: https://letsencrypt.org/certs/isrgrootx1.der

Open Keychain Access
Unlock and Select the System keychain
Go to >File >Import Items and import the new certificate – that should be it.