POP3 and IMAP seem to be configured properly for TLS… With such a vague error message from GMail, I’ve got no clue where to proceed from this…
Unless GMail also checks the SMTP ports: your Postfix isn’t configured properly. It doesn’t serve the intermediate certificate. You should delete the smtpd_tls_CAfile directive (unless you’re using client certificate verification, which is unlikely) and point smtpd_tls_cert_file to fullchain.pem.