email stopped working after ssl install

Hi,
I installed ISPCONFIG 3 following this setup https://www.howtoforge.com/perfect-...l-php-pureftpd-postfix-dovecot-and-ispconfig3 and everything worked great.
I then installed a free SSL, following the below instructions and now my emails are not longer working. i cant access roundcube, it says: cannot connect to storage server and in microsoft outlook i can send email but cant receive email. below are the mail logs.

Visit http://www.startssl.com/ and create an account. After you have validated your domain (on the Validations Wizard tab), you can request your certificate on the Certificates Wizard tab - select Web Server SSL/TLS Certificate from the Certificate Target drop-down field
then skip step 2 because our server has csr already generated

cat /usr/local/ispconfig/interface/ssl/ispserver.csr
copy and paste this key in startssl website
and finish the wizard.

After a while the ssl is ready, in startssl.com push toolbox and then select retrieve certificate.

Copy the certificate and paste it in ssh, type:
mv /usr/local/ispconfig/interface/ssl/ispserver.crt /usr/local/ispconfig/interface/ssl/ispserver.crt_bak
nano /usr/local/ispconfig/interface/ssl/ispserver.crt

paste the certificate

cd /usr/local/ispconfig/interface/ssl
wget https://www.startssl.com/certs/ca.pem
wget https://www.startssl.com/certs/sub.class1.server.ca.pem

mv ca.pem startssl.ca.crt
mv sub.class1.server.ca.pem startssl.sub.class1.server.ca.crt
cat startssl.sub.class1.server.ca.crt startssl.ca.crt > startssl.chain.class1.server.crt
cat ispserver.{key,crt} startssl.chain.class1.server.crt > ispserver.pem
chmod 600 ispserver.pem

nano /etc/httpd/conf/sites-available/ispconfig.vhost
by #ssl configuration add this line
SSLCertificateChainFile /usr/local/ispconfig/interface/ssl/startssl.sub.class1.server.ca.crt

systemctl restart httpd

cd /etc/postfix
mv smtpd.cert smtpd.cert_bak
mv smtpd.key smtpd.key_bak
ln -s /usr/local/ispconfig/interface/ssl/ispserver.crt smtpd.cert
ln -s /usr/local/ispconfig/interface/ssl/ispserver.key smtpd.key
postconf -e 'smtpd_tls_CAfile = /usr/local/ispconfig/interface/ssl/startssl.chain.class1.server.crt'

systemctl restart postfix

nano /etc/dovecot/dovecot.conf
ADD THIS AFTER SSL_KEY
ssl_ca = </usr/local/ispconfig/interface/ssl/startssl.chain.class1.server.crt
save and close

systemctl restart dovecot

cd /etc/ssl/private/
mv pure-ftpd.pem pure-ftpd.pem_bak
ln -s /usr/local/ispconfig/interface/ssl/ispserver.pem pure-ftpd.pem
systemctl restart pure-ftpd

MAIL LOGS:
tail -n40 /var/log/maillog
Apr 13 13:10:34 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Apr 13 13:11:21 mydealsexpress postfix/smtpd[17416]: lost connection after AUTH from unknown[185.103.253.223]
Apr 13 13:11:21 mydealsexpress postfix/smtpd[17416]: disconnect from unknown[185.103.253.223]
Apr 13 13:12:11 mydealsexpress postfix/smtpd[17416]: connect from unknown[185.103.253.223]
Apr 13 13:12:15 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Apr 13 13:12:42 mydealsexpress postfix/smtpd[17416]: lost connection after AUTH from unknown[185.103.253.223]
Apr 13 13:12:42 mydealsexpress postfix/smtpd[17416]: disconnect from unknown[185.103.253.223]
Apr 13 13:12:59 mydealsexpress postfix/smtpd[17416]: connect from unknown[185.103.253.223]
Apr 13 13:13:03 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Apr 13 13:13:14 mydealsexpress postfix/smtpd[17416]: lost connection after AUTH from unknown[185.103.253.223]
Apr 13 13:13:14 mydealsexpress postfix/smtpd[17416]: disconnect from unknown[185.103.253.223]
Apr 13 13:14:01 mydealsexpress postfix/smtpd[17416]: connect from unknown[185.103.253.223]
Apr 13 13:14:05 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Apr 13 13:14:52 mydealsexpress postfix/smtpd[17416]: lost connection after AUTH from unknown[185.103.253.223]
Apr 13 13:14:52 mydealsexpress postfix/smtpd[17416]: disconnect from unknown[185.103.253.223]
Apr 13 13:15:01 mydealsexpress postfix/smtpd[17416]: connect from localhost[::1]
Apr 13 13:15:01 mydealsexpress postfix/smtpd[17416]: lost connection after CONNECT from localhost[::1]
Apr 13 13:15:01 mydealsexpress postfix/smtpd[17416]: disconnect from localhost[::1]
Apr 13 13:15:01 mydealsexpress dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
Apr 13 13:15:01 mydealsexpress dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs
Apr 13 13:15:01 mydealsexpress dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D066EM routinesEM_read_bio:bad end line
Apr 13 13:15:01 mydealsexpress dovecot: pop3-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
Apr 13 13:15:01 mydealsexpress dovecot: pop3-login: Fatal: Can't load ssl_cert: error:0906D066EM routinesEM_read_bio:bad end line
Apr 13 13:15:01 mydealsexpress dovecot: master: Error: service(pop3-login): command startup failed, throttling for 60 secs
Apr 13 13:15:40 mydealsexpress postfix/smtpd[17416]: connect from unknown[185.103.253.223]
Apr 13 13:15:44 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Apr 13 13:16:01 mydealsexpress dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
Apr 13 13:16:01 mydealsexpress dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D066EM routinesEM_read_bio:bad end line
Apr 13 13:16:01 mydealsexpress dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs
Apr 13 13:16:16 mydealsexpress postfix/smtpd[17416]: lost connection after AUTH from unknown[185.103.253.223]
Apr 13 13:16:16 mydealsexpress postfix/smtpd[17416]: disconnect from unknown[185.103.253.223]
Apr 13 13:17:01 mydealsexpress dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
Apr 13 13:17:01 mydealsexpress dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D066EM routinesEM_read_bio:bad end line
Apr 13 13:17:01 mydealsexpress dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs
Apr 13 13:17:05 mydealsexpress postfix/smtpd[17416]: connect from unknown[185.103.253.223]
Apr 13 13:17:09 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Apr 13 13:18:03 mydealsexpress postfix/smtpd[17416]: lost connection after AUTH from unknown[185.103.253.223]
Apr 13 13:18:03 mydealsexpress postfix/smtpd[17416]: disconnect from unknown[185.103.253.223]
Apr 13 13:18:53 mydealsexpress postfix/smtpd[17416]: connect from unknown[185.103.253.223]
Apr 13 13:18:56 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

 

You should check your config.
dovecot:

Code:

ssl_cert = </etc/postfix/smtpd.cert
ssl_key = </etc/postfix/smtpd.key
ssl_protocols = !SSLv2 !SSLv3
ssl_ca = </etc/ssl/startssl/ca-bundle.crt
ssl_client_ca_file = /etc/ssl/ca-bundle.crt
ssl=yes

 

Thank you.

 

This might be off topic, but will this be implemented automatically with let's encrypt for site and email when the 3.1 is released?