Hello,
I dont believe that Lets Encrypt is related to this issue anyhow.
Unfortunately the screenshot you tried to upload got lost, so I dont know about the current error.
In general the critical related point is the “SAML SSO” section in Renewing the SSL certificates. In addition I want to point to the hint in the test_service_provider_certificate function quoted above (run the script /usr/share/univention-management-console/saml/update_metadata).
Best Regards,
Dirk Ahrnke