When I run the to test on checktls.com i get the following error:

[000.335]                             We can use this server

[000.335]                             TLS is an option on this server

[000.335]             -->         STARTTLS

[000.434]             <--          220 Go ahead

[000.435]                             STARTTLS command works on this server

[000.843]                             Connection converted to SSL

SSLVersion in use: TLSv1_2

Cipher in use: ECDHE-RSA-AES128-GCM-SHA256

Perfect Forward Secrecy: yes

Certificate #1 of 1 (sent by MX):

Cert is unsigned

Cert VALIDATION ERROR(S): unable to get local issuer certificate; unable to verify the first certificate

This may help: What Is An Intermediate Certificate

So email is encrypted but the recipient domain is not verified

Cert Hostname VERIFIED (vancromvoirt.com = *.vancromvoirt.com | DNS:*.vancromvoirt.com | DNS:vancromvoirt.com)

Not Valid Before: Aug 29 19:53:16 2020 GMT

Not Valid After: Nov 27 19:53:16 2020 GMT

subject= /CN=*.vancromvoirt.com

issuer= /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3

[000.962]             ~~>       EHLO www6.CheckTLS.com

[001.063]             <~~        250- Proxied . Please to meet you

250-SIZE 20971520

250-AUTH LOGIN PLAIN CRAM-MD5

250-AUTH=LOGIN PLAIN CRAM-MD5

250 OK

[001.063]                             TLS successfully started on this server

I have installed a PFX certificate with the complete certification chain inside. However the certification chain cannot be verified. Do I have to install the CA and Root certificate seperatly? And how can I do that?

With kind regards,

Jeroen