Mail server sending to postfix refusing TLS connection with "certificate expired", but it's not

I'm talking about this option:

"List of acceptable CAs" can mean "a root store" instead of "the certificate chain."