I'm sure most folks have heard about the expired DST Root CA X3 certificate by now. I see (using chainchecker.certifytheweb.com) that my v2.2.11 Traefik instance is serving the Let's Encrypt Legacy Chain which includes the expired cert rather than the Let's Encrypt Modern Chain which does not.
This is causing some problems with other services. How can I configure Traefik to use the Modern Chain instead? TIA
Edit - just updated to v2.5.3 and same issue
Edit - Just found the preferredChain option - will investigate this for now, please jump in if you know the answer though.
Edit - So I set preferredChain to "ISRG Root X1" and restarted but it is still serving the chain with the expired X3 cert