As of the time of this writing, Let’s Encrypt is using DST Root CA X3 as the root CA cert. Copy its contents to a .pem file in a well-known location on your server and let’s reference it as $ROOT_CA_CERT in this document.
Would anyone be able to give some help on this? Thanks!
Ah, a few things were wrong on my end. I needed to specify Acme.PreferredIssuer to be “ISRG Root X1” in settings.json for WIN-ACME and download that X1 pem from https://letsencrypt.org/certificates/ and then yes, I just needed the root in that last box, nothing concatenated. Thanks for your help!