These days som of our Android clients that consumes API server that are powered by VirtualMin on CentOS 7 with LetsEncrypt certificates went offline and with further investigations Android/Volley was complaining with this error code:
java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
Further investigation lead to see that LetsEncrypt is using new intermediate Chain. Manually changing the Ca certificate fix the problem. Some discussion on this: https://community.letsencrypt.org/t/chain-missing-or-incomplete/140592/9