When I run the to test on checktls.com i get the following error:

[000.335]                             We can use this server

[000.335]                             TLS is an option on this server

[000.335]             -->         STARTTLS

[000.434]             <--          220 Go ahead

[000.435]                             STARTTLS command works on this server

[000.843]                             Connection converted to SSL

SSLVersion in use: TLSv1_2

Cipher in use: ECDHE-RSA-AES128-GCM-SHA256

Perfect Forward Secrecy: yes

Certificate #1 of 1 (sent by MX):

Cert is unsigned

Cert VALIDATION ERROR(S): unable to get local issuer certificate; unable to verify the first certificate

This may help: What Is An Intermediate Certificate

So email is encrypted but the recipient domain is not verified

Cert Hostname VERIFIED (vancromvoirt.com = *.vancromvoirt.com | DNS:*.vancromvoirt.com | DNS:vancromvoirt.com)

Not Valid Before: Aug 29 19:53:16 2020 GMT

Not Valid After: Nov 27 19:53:16 2020 GMT

subject= /CN=*.vancromvoirt.com

issuer= /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3

[000.962]             ~~>       EHLO www6.CheckTLS.com

[001.063]             <~~        250- Proxied . Please to meet you

250-SIZE 20971520

250-AUTH LOGIN PLAIN CRAM-MD5

250-AUTH=LOGIN PLAIN CRAM-MD5

250 OK

[001.063]                             TLS successfully started on this server

I have installed a PFX certificate with the complete certification chain inside. However the certification chain cannot be verified. Do I have to install the CA and Root certificate seperatly? And how can I do that?

With kind regards,

Jeroen

Is there any chance you clicked the "Test Certificate" button while creating the cert? There should be 3 certs in the chain. Try running the same test again synametrics.com and see the certs you get. You should get similar results.

Try recreating the certificate from Let's Encrypt and see if that fixes the problem