I had this same issue with a very similar setup, until I tried the entire processing using zmcertmgr via ssh directly on the mta machine.
I am still having the same issue with subjectAltName (which is baffling me some what), but I do have a cert installed on my MTA. |