==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 0.9.9
- Deployed with iRedMail Easy or the downloadable installer? Downloadable installer
- Linux/BSD distribution name and version: Debian 9.8.0
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDB
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hi, I'm not very good at this and I really need your help.

We have Pfsense with a self-signed CA. I need to set up a Thunderbird with SSL support. Pfsense must validate the client and server certificate. I followed this instruction https://docs.iredmail.org/use.a.bought. … cate.html:
1. Created in iRedMail a key and a request for signing.
2. Signed a request in Pfsense.
3. Pfsense gave me three files: .crt, .key, .p12.
4. I copied the .crt and .key files to /etc/ssl/certs and /etc/ssl/private (renamed them to iRedMail.crt and iRedMail.key).
5. Also, I placed the Pfsense CA file in /etc/ssl/certs/CA.crt and in the /etc/postfix/main.cf added the path to this CA file:

smtpd_tls_CAfile = /etc/ssl/certs/CA.crt

6. Restarted the server.

Added all these certificates to Thunderbird, but it still gives a message that "the certificate was not found on mydomain:110" with a proposal to add an exception.

What am I doing wrong? Tell me at least in what direction to look for a problem

Thank you