Mail server (iRedMail) - adding e-mail account to my Gmail over SSL times out

Question

When I try adding my account to Gmail with port 995 it times out. When I checkmark Always use an secured SSL connection in the Gmail add account window I get this error:

"SSL error: unable to verify the first certificate"

digicert gives green checkmarks while testing mail.serv except for

SSL Certificate is not trusted

I added Acmetool certs to Nginx 00-default.conf as normally. Added certs to Postfix like so:

postconf -e smtpd_tls_cert_file='/var/lib/acme/live/mail.server.com/cert'
postconf -e smtpd_tls_key_file='/var/lib/acme/live/mail.server.com/privkey'

Added certs to Dovecot conf like so:

ssl_certificate /var/lib/acme/live/mail.server.com/cert;
ssl_certificate_key /var/lib/acme/live/mail.server.com/privkey;

What is this issue about and how do can I try and solve this?

Answer 1

Follow this tutorial to setup SSL cert/key in Postfix/Dovecot: http://www.iredmail.org/docs/use.a.bought.ssl.certificate.html

Answer 2

What I had to use was fullchain instead of cert e.g.:

acmetool want mail.awesome-server.io

## nginx conf
    ssl on;
    ssl_certificate /var/lib/acme/live/mail.awesome-server.io/fullchain;
    ssl_certificate_key /var/lib/acme/live/mail.awesome-server.io/privkey;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

## /etc/dovecot/dovecot.conf
    ssl_cert = </var/lib/acme/live/mail.awesome-server.io/fullchain
    ssl_key = </var/lib/acme/live/mail.awesome-server.io/privkey

service dovecot restart

postconf -e smtpd_tls_cert_file='/var/lib/acme/live/mail.awesome-server.io/fullchain'
postconf -e smtpd_tls_key_file='/var/lib/acme/live/mail.awesome-server.io/privkey'

service postfix restart