My problem lies with smtp and my ISP. It makes contact but the auth gets refused.

Here is some of my main.cf in postix


# Enable TLS/SASL for the myisp server

smtp_tls_note_starttls_offer = yes
tls_random_source = dev:/dev/urandom

# SASL SUPPORT FOR SERVERS
#
# The following options set parameters needed by Postfix to enable
# Cyrus-SASL support for authentication of mail servers.
#
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/opt/zimbra/postfix-2.2.3/sasl/passwd
smtp_sasl_security_options =

smtp_use_tls = yes
smtpd_tls_cert_file = /opt/zimbra/conf/smtpd.crt
smtpd_tls_key_file = /opt/zimbra/conf/smtpd.key
smtpd_tls_loglevel = 3

content_filter = smtp-amavis:[127.0.0.1]:10024
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
disable_dns_lookups = yes
message_size_limit = 10240000

relayhost = myisp


The problem I beleive lies in this section

smtpd_tls_cert_file = /opt/zimbra/conf/smtpd.crt
smtpd_tls_key_file = /opt/zimbra/conf/smtpd.key

I beleive I have to provide my ISp's cert file and key

here is some of zimbra.log


Dec 15 05:20:12 localhost postfix/smtp[13587]: certificate verification failed for myisp: num=20:unable to get local issuer certificate
Dec 15 05:20:12 localhost postfix/smtp[13587]: certificate verification failed for myisp: num=27:certificate not trusted
Dec 15 05:20:12 localhost postfix/smtp[13587]: certificate verification failed for myisp: num=21:unable to verify the first certificate
Dec 15 05:20:12 localhost postfix/smtp[13587]: Server certificate could not be verified

I am using myisp for my real ISP smtp account

Here is another thing I don't understand when I start, stop postfix

Dec 15 07:10:58 localhost postfix/postfix-script: warning: not owned by root: /opt/zimbra/postfix-2.2.3/conf/main.cf
Dec 15 07:12:11 localhost postfix/postfix-script: stopping the Postfix mail system
Dec 15 07:12:11 localhost postfix/master[3311]: terminating on signal 15
Dec 15 07:12:27 localhost postfix/postfix-script: warning: not owned by root: /opt/zimbra/postfix-2.2.3/conf/main.cf
Dec 15 07:12:27 localhost postfix/postfix-script: starting the Postfix mail system
Dec 15 07:12:27 localhost postfix/master[1417]: daemon started -- version 2.2.3, configuration /opt/zimbra/postfix-2.2.3/conf

If I change it to root postix changes back to zimbra zimbra

Any suggetsions. I'm almost there to getting this fixed. So far fecthmail works perfectly and is suppling the proper certificates that I got from a how to guide for my ISP.

Do I use those same certifactes with postfix ?