Having problems with ssl certificate

aaP_darren_kuzik

Hello I am having some issues with my mail server.
Right now can only send mail via port 143 can't receive email.
When setting up email program (gmail) get "Certificate not valid" Ceriticate not trusted.
I am getting certificate error.
Running ubuntu
Any help much appreciated

Darren

Checking mydomain.com from www12-do.checktls.com(V03.66.06) at 2022-09-08T01:34:54Z:
seconds lookup result
[000.000] DNS LOOKUPS
[000.008] SEARCHLIST 104.131.108.216,134.209.169.224,1.1.1.1,8.8.8.8,67.207.67.3
[000.010] MX (10) mail.mydomain.com
[000.012] MX:A-->mail.mydomain.com 11.111.11.111
seconds test stage and result
[000.000] Trying TLS on mail.mydomain.com[11.111.11111:25] (10)
[000.034] Server answered
[000.110] <‑‑ 220 mail.mydomain.com ESMTP Postfix (Ubuntu)
[000.111] We are allowed to connect
[000.111] ‑‑> EHLO www12-do.checktls.com
[000.145] <‑‑ 250-mail.mydomain.com
250-PIPELINING
250-SIZE 102400000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
[000.145] We can use this server
[000.145] TLS is an option on this server
[000.146] ‑‑> STARTTLS
[000.179] <‑‑ 220 2.0.0 Ready to start TLS
[000.180] STARTTLS command works on this server
[000.233] Connection converted to SSL
SSLVersion in use: TLSv1_3
Cipher in use: TLS_AES_256_GCM_SHA384
Perfect Forward Secrecy: yes
Session Algorithm in use: Curve X25519 DHE(253 bits)
Certificate #1 of 1 (sent by MX):
Cert VALIDATION ERROR(S): unable to get local issuer certificate
This may help: What Is An Intermediate Certificate
So email is encrypted but the recipient domain is not verified
Cert Hostname VERIFIED (mail.mydomain.com = mydomain.com | DNS:*.mydomain.com | DNS:mydomain.com)
Not Valid Before: Jul 19 08:00:34 2022 GMT
Not Valid After: Oct 17 08:00:33 2022 GMT
subject: /CN=mydomain.com
issuer: /C=US/O=Let's Encrypt/CN=R3
[000.238] > EHLO www12-do.checktls.com
[000.302] < 250-mail.mydomain.com
250-PIPELINING
250-SIZE 102400000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
[000.302] TLS successfully started on this server
[000.302] > MAIL FROM:test@checktls.com
[000.346] < 250 2.1.0 Ok
[000.346] Sender is OK
[000.347] > QUIT
[000.381] < 221 2.0.0 Bye