Here is some external proof that the cert is VALID:
openssl s_client -connect mail.boardmapsemail.com:25 -starttls smtp
CONNECTED(000001B0)
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify error:num=20:unable to get local issuer certificate
- - -
Certificate chain
0 s:/CN=mail.boardmapsemail.com
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
- - -
Server certificate
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISBEMuVJEGoJY8ZSeqes7rA0otMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODEyMDYwNDIxMzRaFw0x
OTAzMDYwNDIxMzRaMCIxIDAeBgNVBAMTF21haWwuYm9hcmRtYXBzZW1haWwuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiat9NckkuKO+GtvQ4N8m
D3qY/gAAwQ33gUxblWUYGCHmmroLN3c0ACjln6gBIjzJ8a2zPBWMWXadzrNtJxKM
nuZhcrWo9G6ROKBTPd0QdSqf9JoPbEJ8IzTfFE703J3adoiC3kQwXzx2IlrGY+NO
7FO4ST2/L14hvk/rX9IMkeLfqc8/GySB5TlVcTvVQ/hAILdZe27shZcC6E7DjU2z
RoaD0rQu4xCM5knS2Lyli+E7ydhsH1OQQYEIZ8KXIuXV1gwUYZ+2JW64nUQ7TDX1
IgQL5PMZcni2zsHt2k2BwnErnzfvNSBgXdVxu9uoEz2ibFHV87UDfMOZL6Cwa9XP
wwIDAQABo4IC7DCCAugwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUF
BwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTWmCqv+J6FaYpP
VxcPNRUSHweZbjAfBgNVHSMEGDAWgBSoSmpjBH3duubRObemRWXv86jsoTBvBggr
BgEFBQcBAQRjMGEwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLmludC14My5sZXRz
ZW5jcnlwdC5vcmcwLwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRz
ZW5jcnlwdC5vcmcvMIGhBgNVHREEgZkwgZaCH2F1dG9kaXNjb3Zlci5ib2FyZG1h
cHNlbWFpbC5jb22CIGRicy1leDAxLmNvcnAuYm9hcmRtYXBzZW1haWwuY29tgiBk
YnMtZXgwMi5jb3JwLmJvYXJkbWFwc2VtYWlsLmNvbYIXbWFpbC5ib2FyZG1hcHNl
bWFpbC5jb22CFm93YS5ib2FyZG1hcHNlbWFpbC5jb20wTAYDVR0gBEUwQzAIBgZn
gQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5s
ZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdgB0ftqDMa0z
EJEhnM4lT0Jwwr/9XkIgCMY3NXnmEHvMVgAAAWeB9s5PAAAEAwBHMEUCIQDHjqBn
jZtkbaFY32M3vA0u8yQ81tZr8DyWE4yzp3U1ZAIgBqvnQLJiZAqGjG7a03slJD2Z
Px5aHAsAwwE7sBF99XgAdgBj8tvN6DvMLM8LcoQnV2szpI1hd4+9daY4scdoVEvY
jQAAAWeB9tA3AAAEAwBHMEUCIQDYf3gHwVUKRMh5/fwmvJCOgt5nFbP41EOzWMvc
n+FASgIgImLFuqOU67MZpQlQMih0buwTTwqco7xhz+KD1Q39JNIwDQYJKoZIhvcN
AQELBQADggEBAAWEitPHf7KU5bKQK2EW8jBlKp0i9Aaoq+6twojemaLy7uNg/J8S
szn2yDlp9X3eV41Kx/6JmKAGS8YPHH0SIhnFeLpGAgRWxho9ZGzbbpsmB3H34HIc
5UzEbgNfQirNCl6GySNeKSaJtJPaI1akJS7iel3/ZCsfszjBdeiouejiNvZccyWK
sPbpMWBFXcHmeOCok++dxpW1dgfDwGTJpw+s83bKsUAcOuEp1n8kWBvQOJMwWTg5
2N1fDrz+dHWFoOZwdYxcgx1S/AY8jKERsU244ru+MbHC58OLhDOxq4dp4fu/VziP
XB//cX2+FQlBW95lX/FE/a0ekkpRs1iEriw=
-----END CERTIFICATE-----
subject=/CN=mail.boardmapsemail.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
- - -
No client certificate CA names sent
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: RSA+SHA512:ECDSA+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1
Shared Requested Signature Algorithms: RSA+SHA512:ECDSA+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1
Peer signing digest: SHA1
Server Temp Key: ECDH, P-521, 521 bits
- - -
SSL handshake has read 3724 bytes and written 471 bytes
Verification error: unable to get local issuer certificate
- - -
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-SHA384
Session-ID: AA380000ECE2AF943C045C40E8915C99377606E1A5B2A77AFDFD0943732AFE8B
Session-ID-ctx:
Master-Key: E8CB02AB6289829B996C3490B0B2D31E739B94660CA8622E7B5734FF95AAA7AF1502EF0FC4A38B210367E265C4D74618
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1544085401
Timeout : 7200 (sec)
Verify return code: 20 (unable to get local issuer certificate)
Extended master secret: yes
- - -
250 XRDST
^C