SMTP/SSL settings for Let's Encrypt and Gitlab CE (source installation)

Hello there! I tried to set up Postfix SMTP server using the official guide ( for Gitlab accessible through SSL. I successfully installed and run Gitlab with SSL certificates from Let’s Encrypt using the following configuration:


email_enabled: true
    email_from: 'gitlab-mailer@DOMAIN'
    email_display_name: 'RSC'
    email_reply_to: 'gitlab-mailer@DOMAIN'
    email_subject_suffix: '[GitLab]'
        enabled: true
        address: "gitlab-mailer+%{key}@DOMAIN"
        user: "gitlab-mailer"
        password: "PASSWORD"
        host: "DOMAIN"
        port: 993
        ssl: true
        start_tls: false
        mailbox: "inbox"
        idle_timeout: 20


if Rails.env.production?
      Rails.application.config.action_mailer.delivery_method = :smtp

      ActionMailer::Base.delivery_method = :smtp
      ActionMailer::Base.smtp_settings = {
        #address: "DOMAIN",
        address: "localhost",
        port: 25,
        user_name: "gitlab-mailer",
        password: "PASSWORD",
        authentication: :login,
        enable_starttls_auto: true,
        ca_file: "/etc/letsencrypt/live/DOMAIN/fullchain.pem",
        openssl_verify_mode: 'peer'

Trying to send email through Gitlab I had 500 error and the following output in production.log:

Preformatted text`Processing by Profiles::EmailsController#resend_confirmation_instructions as HTML
  Parameters: {"authenticity_token"=>"[FILTERED]", "id"=>"3"}

Sent mail to ADDRESS (304.5ms)
Completed 500 Internal Server Error in 876ms (ActiveRecord: 1.9ms)

OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=error: certificate verify failed):
  app/services/emails/confirm_service.rb:4:in `execute'
  app/controllers/profiles/emails_controller.rb:28:in `resend_confirmation_instructions'
  lib/gitlab/i18n.rb:50:in `with_locale'
  lib/gitlab/i18n.rb:56:in `with_user_locale'
  app/controllers/application_controller.rb:362:in `set_locale'
  lib/gitlab/middleware/multipart.rb:95:in `call'
  lib/gitlab/request_profiler/middleware.rb:14:in `call'
  lib/gitlab/middleware/go.rb:17:in `call'
  lib/gitlab/etag_caching/middleware.rb:11:in `call'
  lib/gitlab/middleware/read_only/controller.rb:28:in `call'
  lib/gitlab/middleware/read_only.rb:16:in `call'
  lib/gitlab/request_context.rb:18:in `call'
  lib/gitlab/metrics/requests_rack_middleware.rb:27:in `call'
  lib/gitlab/middleware/release_env.rb:10:in `call'

I tried to change the Postfix/Courier settings and have no success. Also the attempts to connect to SMTP on port 25 using OpenSSL are all successful. Double-check ( is also successful.

Would you give me an advice about how to set up Gitlab for connection to SMTP through SSL correctly?