You will need to manually install the newer root certificates on your system.

Download from here: https://www.digicert.com/kb/digicert-root-certificates.htm
Baltimore CyberTrust Root CA
DigiCert Global Root CA
DigiCert High Assurance EV Root CA

and from here https://letsencrypt.org/certificates/:
ISRG Root X1
(Get the cross signed version if you want to be certain it works.)


If you're on windows:
Open up MMC (Microsoft Management Console), mmc.exe
To do so, the fastest way would be to press and hold the windowskey on your keyboard, then pressing R. You can release both keys now.
Now "Run" should have opened up.

In here type mmc and hit the enter button.

Within MMC, do the following:
Press ctrl+M and add the modules Certificates and Group Policy Object Editor

In case you how to do that:
Click Certificates, and hit Add
- Computer Account
- Local
- OK

Then Group Policy Object Editor
- Local Computer object
- OK

Within MMC's main window, the modules should now be visible.

- Open the Certificates tree and right click on Trusted Root Certification Authorities
- Mouse-Over All Tasks
- Hit Import
follow the instructions there to import the certificates one at a time.
> Both Current User and Local is fine, though Local is advised. It saves a different user some trouble.
> "Automatically select the certificate store based on the type of certificate" is recommended

- Open Group Policy Object Editor tree next and go to: Local Computer Policy > Computer Configuration > Windows Settings > Security Settings > Public Key Policies
- Double Click on Certificate Path Validation Settings
- Select the Stores tab (if it isn't selected)
- Check Define these policy settings
- Check Allow user trusted root CAs to be used to validate certificates
- Check Allow users to trust peer trust certificates
- Make sure under "Root CAs that the client computers can trust" that Third Party and Enterprise Root CAs is selected.

-Apply
-OK

You're done.

You might need to restart windows, but it should work now.