When I run the to test on checktls.com i get the following error:
[000.335] We can use this server
[000.335] TLS is an option on this server
[000.335] --> STARTTLS
[000.434] <-- 220 Go ahead
[000.435] STARTTLS command works on this server
[000.843] Connection converted to SSL
SSLVersion in use: TLSv1_2
Cipher in use: ECDHE-RSA-AES128-GCM-SHA256
Perfect Forward Secrecy: yes
Certificate #1 of 1 (sent by MX):
Cert is unsigned
Cert VALIDATION ERROR(S): unable to get local issuer certificate; unable to verify the first certificate
This may help: What Is An Intermediate Certificate
So email is encrypted but the recipient domain is not verified
Cert Hostname VERIFIED (vancromvoirt.com = *.vancromvoirt.com | DNS:*.vancromvoirt.com | DNS:vancromvoirt.com)
Not Valid Before: Aug 29 19:53:16 2020 GMT
Not Valid After: Nov 27 19:53:16 2020 GMT
subject= /CN=*.vancromvoirt.com
issuer= /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
[000.962] ~~> EHLO www6.CheckTLS.com
[001.063] <~~ 250- Proxied . Please to meet you
250-SIZE 20971520
250-AUTH LOGIN PLAIN CRAM-MD5
250-AUTH=LOGIN PLAIN CRAM-MD5
250 OK
[001.063] TLS successfully started on this server
I have installed a PFX certificate with the complete certification chain inside. However the certification chain cannot be verified. Do I have to install the CA and Root certificate seperatly? And how can I do that?
With kind regards,
Jeroen