Topic: Having Cert issues after Renewal (Godaddy)
I'm running iRedMail 1.7.4 iRedAdmin 2.6 (MySQL) - on a Debian 10 (Nginx) server that I've been maintaining for several years. I've updated the certs each year and haven't had any issues - but it seems like something has changed.
I've been using GoDaddy for my SSL certs - and this year the file download had completely different files. Normally you'd download a zip from GoDaddy and it had your certificate (*.crt) file and a bundle g2-g1.crt file. You combined the two and put them in the right places and everything was hunky-dory.
This year the GoDaddy download had 4 files: certificate.crt, certificate.pem, intermediate.pem, root.pem. The two certificates are the same - but I wasn't sure of what to do with the other pem files.
Digging around on GoDaddy's site - I found a 'repository' where I could download the bundle-g2-g1.crt file I was used to. I combined that with my certificate file and things 'mostly' worked. Most devices are working fine but SSL site checkers are giving errors and Gmail is refusing to connect due to TLS errors.
Using GoDaddy's SSL site checker tool I'm getting the error: Certificate chain is incomplete, missing intermediate(s)
It's also warning:
OCSP Stapling Disabled
OCSP Status Unable to verify ocsp status with incomplete chain
Strict-Transport-Security Disabled
It seems like the format and/or expectations have changed. Do you have any guidance on how to fix this Certificate Chain error?
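One way to test a combined certificate file for the "chain is incomplete" condition reported above, as an added example that is not part of the original post. The name `fullchain.pem`, the helpers `check_chain` and `make_demo_pki`, and the demo certificates are assumptions constructed for illustration; the other file names follow the download described in the post.

```shell
#!/bin/sh
# Added example, not from the original post. fullchain.pem is an assumed name
# for the combined file; the other file names follow the download in the post.

# check_chain FULLCHAIN ROOT: succeed only if the first certificate in FULLCHAIN
# (taken to be the server certificate) verifies up to ROOT using nothing but
# the certificates that follow it in the same file.
check_chain() {
    full=$1; root=$2
    tmp=$(mktemp -d) || return 2
    awk -v d="$tmp" '/-----BEGIN CERTIFICATE-----/ { n++ }
        n == 1 { print > (d "/leaf.pem") }
        n > 1  { print > (d "/rest.pem") }' "$full"
    if [ -s "$tmp/rest.pem" ]; then
        openssl verify -CAfile "$root" -untrusted "$tmp/rest.pem" "$tmp/leaf.pem"
    else
        openssl verify -CAfile "$root" "$tmp/leaf.pem"
    fi >/dev/null 2>&1
    rc=$?
    rm -rf "$tmp"
    return $rc
}

# make_demo_pki DIR: constructed root -> intermediate -> leaf with throwaway keys.
make_demo_pki() {
    d=$1
    printf 'basicConstraints=critical,CA:TRUE\n' > "$d/ca.ext"
    for n in root intermediate leaf; do
        openssl req -new -newkey rsa:2048 -nodes -subj "/CN=demo $n" \
            -keyout "$d/$n.key" -out "$d/$n.csr" 2>/dev/null || return 1
    done
    openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" -days 2 \
        -extfile "$d/ca.ext" -out "$d/root.pem" 2>/dev/null &&
    openssl x509 -req -in "$d/intermediate.csr" -CA "$d/root.pem" \
        -CAkey "$d/root.key" -CAcreateserial -days 2 \
        -extfile "$d/ca.ext" -out "$d/intermediate.pem" 2>/dev/null &&
    openssl x509 -req -in "$d/leaf.csr" -CA "$d/intermediate.pem" \
        -CAkey "$d/intermediate.key" -CAcreateserial -days 2 \
        -out "$d/certificate.crt" 2>/dev/null
}

demo=$(mktemp -d) && make_demo_pki "$demo" || exit 1
cat "$demo/certificate.crt" "$demo/intermediate.pem" > "$demo/fullchain.pem"
check_chain "$demo/certificate.crt" "$demo/root.pem" || echo "leaf only: incomplete"
check_chain "$demo/fullchain.pem" "$demo/root.pem" && echo "leaf + intermediate: ok"
```

The check assumes the server certificate comes first in the combined file; it does not detect a file whose certificates are in the wrong order.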