What's up with almost every other site having invalid ssl certs, even though they are signed with a future date and by LetsEncrypt, did chrome again distrust a batch?

Which sites?

@C0D4 the most recent example was actually an expired (comodo) ssl cert, but the ones I mean I can't even remember anymore, because it was some of the thousands of websites I went through to find a nat vps, I think the error message was similar: "common_name_invalid' if I'm not mistaken.

not synced servers?

@Bitwise that’s meant to occur in October I believe, unless you’re on the beta streams.

@Bitwise are LE certs based on symantec?

no they are a full flegded root ca