Sophos XG MTA certificate issue

Hello guys,


I´m currently using Sophos XG Email protection in MTA mode.

I uploaded my exchange certificate into Sophos and using this certificate in SMTP TLS Configuration.

When I try to send and email I can see this error in logs


INF Nov 17 18:38:43 [0xc0000002]: Server certificate error 'unable to get local issuer certificate'


Certificate is generated by Lets Encrypt installed on exchange server and valid as well.

Any ideas how to fix this?


Thank you very much for any help!





  • Currently i suggest to upgrade to V17.5 and try again. XG will use Exim as new daemon. Most likely your email issue is gone. 

  • Hi,

    I tried to configure geotrust and rapidssl certificates in the SMTP TLS Configuration.

    Same results for all.

    When i try to verify i get the same error on checktls web page or others.

    Certificate 1 of 1 in chain: Cert VALIDATION ERROR(S): unable to get local issuer certificate; unable to verify the first certificate

    CA Root and Intermediate CA installed too.

    Published mail web server works without issues.

    Firmware SFOS 17.5.7 MR-7

    Any ideas ?