ispconfig 3.1.13 multi-server on ubuntu 18.04 sorry, this is going to be a long one... having a very strange issue with some cron jobs set up in ispconfig, not sure whether the problem is in the configuration of postfix, jaillkit, php, or something else, not sure if this is even the right place for the question, but it seems the most likely place to find others using all the software involved. basically, i have a multi-server ispconfig setup. a single postfix server for all the mailboxes, outbound mail etc. postfix is configured on the all the webservers as well, but it's blocked from sending anything externally, instead everything is sent to the main postfix server, which acts as a smarthost for the webservers. the issue is with sending mail from a jailkit ssh or cron user, running a php script which apparently tries to send mail using phpmailer, and should be using isSMTP to send through the main mailserver, not using a local sendmail (which was removed as per perfect server tutorials) everything points to the problem being something to do with TLS or certificate verification. (it s geotrust wildcard cert. same cert is used on the ispconfig panel, every postfix config, and the vhosts i'm trying to run the crons on. ) everything seems to be fine with the mailserver config, testing from checktls.com: but a posttls-finger to the server fails certficate verification: watching the mail logs on the main mailserver, when running the php script, manually as root, it all works fine, the script runs without problems, and the email gets sent ok. running the script, as a jailkit ssh user, or as jailkit ispconfig cron, i believe everything in the php script is running fine apart from the email sending. i get this in the main mailservers mail log: everything i've seen so far suggests that the jailkit ssh user can't verify the certificate. but i've run update-ca-certificates, and double checked, as the ssh user, it does have access to /etc/ssl/certs/ca-certificates.crt and i've checked in that file, the Digicert-Global_Root_CA is in that file. the only other suggestion i've seen is to change the phpmailer settings to not verify the peer. but it's all third pary code downloaded into the vhost and is ioncube protected, i don't see any way to do that. i have no idea where to even start on resolving this issue now. any suggestions, hints, correct answers would be greatly appreciated thanks lee.