If you are using my script to Set up UniFi Controller on Google Cloud Platform and you have been affected by the Let’s Encrypt root certificate roll over, you will need this fix.
Just Stop and then Start your virtual machine in Google Cloud Console. This will update the VM with new code. Presuming of course that you still have the startup-script-url in your metadata. The fix won’t be immediate, however. It will only take effect after the next certificate renewal, which might take up to 60 days.
If you want to fix it right away then you need to log in to the VM. You can do that with the SSH button in the Console. After you get a prompt type sudo certbot renew --force-renewal You will get a warning about the keystore format and an error Unable to import the certificate into keystore. I haven’t found the cause for the error, but the certificate is imported nonetheless.
Special thanks for Djo and Derek for providing the fix. It took me time to get the script to do the same and I also tried to get rid of the error. The FireFox workaround was too good so it took longer than it should have. Enjoy!