How do I resolve a TLS Error associated with smtpd?
I found the following in the logs:
```
sssd_kcm: Starting up
postfix/submission/smtpd: initializing the server-side TLS engine
postfix/submission/smtpd: connect from unknown[::1]
postfix/submission/smtpd: warning: connect to Milter service unix:/run/spamass-milter/spamass-milter.sock: No such file or directory
postfix/submission/smtpd: setting up TLS connection from unknown[::1]
postfix/submission/smtpd: unknown[::1]: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH"
postfix/submission/smtpd: SSL_accept:before SSL initialization
postfix/submission/smtpd: SSL_accept:before SSL initialization
postfix/submission/smtpd: SSL_accept:SSLv3/TLS read client hello
postfix/submission/smtpd: SSL_accept:SSLv3/TLS write server hello
postfix/submission/smtpd: SSL_accept:SSLv3/TLS write change cipher spec
postfix/submission/smtpd: SSL_accept:TLSv1.3 write encrypted extensions
postfix/submission/smtpd: SSL_accept:SSLv3/TLS write certificate
postfix/submission/smtpd: SSL_accept:TLSv1.3 write server certificate verify
postfix/submission/smtpd: SSL_accept:SSLv3/TLS write finished
postfix/submission/smtpd: SSL_accept:TLSv1.3 early data
postfix/submission/smtpd: SSL3 alert read:fatal:bad certificate
postfix/submission/smtpd: SSL_accept:error in error
postfix/submission/smtpd: SSL_accept error from unknown[::1]: -1
postfix/submission/smtpd: warning: TLS library problem: error:0A000412:SSL routines::sslv3 alert bad certificate:ssl/record/rec_layer_s3.c:1586:SSL alert number 42:
postfix/submission/smtpd: lost connection after STARTTLS from unknown[::1]
postfix/submission/smtpd: disconnect from unknown[::1] ehlo=1 starttls=0/1 commands=1/2
```
Those two lines show up any time a user presses a "Password reset" button on a User authentication form. This is happening on all Django projects hosted on a VPS at the moment. Consequently, the server does not send the email that initiates the reset. Instead, users see "Server Error (500)" on the browser. This phenomenon is new. The pages were working months before.
The log entries seem to suggest that the certificates are bad. I have renewed all certs on that server in an attempt to resolve the issue, but it persists. Note that mail submission via remote and local clients is working perfectly.
I would appreciate guidance on how to remedy the situation.
**# postconf | grep cert | grep smtp**
```
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_CApath = /etc/pki/tls/certs
smtp_tls_cert_file =
smtp_tls_dcert_file =
smtp_tls_dkey_file = $smtp_tls_dcert_file
smtp_tls_eccert_file =
smtp_tls_eckey_file = $smtp_tls_eccert_file
smtp_tls_fingerprint_cert_match =
smtp_tls_key_file = $smtp_tls_cert_file
smtp_tls_scert_verifydepth = 9
smtp_tls_secure_cert_match = nexthop, dot-nexthop
smtp_tls_verify_cert_match = hostname
smtpd_tls_ask_ccert = no
smtpd_tls_ccert_verifydepth = 9
smtpd_tls_cert_file = /etc/letsencrypt/live/site.com/fullchain.pem
smtpd_tls_dcert_file =
smtpd_tls_dkey_file = $smtpd_tls_dcert_file
smtpd_tls_eccert_file =
smtpd_tls_eckey_file = $smtpd_tls_eccert_file
smtpd_tls_req_ccert = no
tlsproxy_client_cert_file = $smtp_tls_cert_file
tlsproxy_client_dcert_file = $smtp_tls_dcert_file
tlsproxy_client_eccert_file = $smtp_tls_eccert_file
tlsproxy_client_scert_verifydepth = $smtp_tls_scert_verifydepth
tlsproxy_tls_ask_ccert = $smtpd_tls_ask_ccert
tlsproxy_tls_ccert_verifydepth = $smtpd_tls_ccert_verifydepth
tlsproxy_tls_cert_file = $smtpd_tls_cert_file
tlsproxy_tls_dcert_file = $smtpd_tls_dcert_file
tlsproxy_tls_eccert_file = $smtpd_tls_eccert_file
tlsproxy_tls_req_ccert = $smtpd_tls_req_ccert
```
Asked by twohot
(11 rep)
Oct 3, 2023, 11:50 AM
Last activity: May 28, 2025, 02:04 AM
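The "SSL3 alert read:fatal:bad certificate" line means smtpd *received* alert 42 from the connecting client after sending its own certificate, so the certificate to examine is the one the submission port presents, verified the way a client would verify it against the name it connects with. The probe below is an added diagnostic, not code from the question or from Postfix; it assumes the openssl CLI is installed, and the host, port, expected name and CA bundle path in the usage lines are hypothetical (the bundle path mirrors the question's smtp_tls_CAfile).

```sh
#!/bin/sh
# Added diagnostic (not from the question): reproduce a client's STARTTLS
# handshake to a Postfix submission port and report OpenSSL's verdict on
# the certificate smtpd presents. Requires the openssl CLI.

# Extract "Verify return code: N (reason)" from s_client output.
# Prints "N reason", e.g. "62 hostname mismatch" or "0 ok"; empty if absent.
parse_verify_result() {
    printf '%s\n' "$1" \
      | sed -n 's/^[[:space:]]*Verify return code: \([0-9]*\) (\(.*\)).*$/\1 \2/p' \
      | tail -n 1
}

# Map OpenSSL's X509_V_ERR_* code to what a server operator should check.
explain_verify_code() {
    case "$1" in
        0)  echo "ok: a client trusts this certificate for this name" ;;
        62) echo "hostname mismatch: the certificate carries no SAN for the name" \
                 "the client connects with; serve a certificate for that name" \
                 "or have the client connect using a name in the certificate" ;;
        20|21) echo "chain incomplete or untrusted: serve fullchain.pem and" \
                    "make sure the client's CA bundle contains the issuer" ;;
        18|19) echo "self-signed certificate in chain: not in the client's CA bundle" ;;
        10) echo "certificate expired: confirm smtpd_tls_cert_file holds the" \
                 "renewed file, then reload Postfix" ;;
        *)  echo "verify code $1: see the openssl-verify(1) return codes" ;;
    esac
}

# Usage: probe_submission_tls HOST PORT EXPECTED_NAME CAFILE
probe_submission_tls() {
    out=$(openssl s_client -connect "$1:$2" -starttls smtp -servername "$3" \
              -verify_hostname "$3" -CAfile "$4" </dev/null 2>&1) || true
    result=$(parse_verify_result "$out")
    code=${result%% *}
    printf '%s -> %s\n' "${result:-no verify line (connection failed?)}" \
        "$(explain_verify_code "${code:-none}")"
}

# Hypothetical invocations: the failing client connected from ::1, so probe
# the loopback name the client would use and, separately, the name the
# certificate was issued for. Differing verdicts localise the failure.
# probe_submission_tls localhost 587 localhost /etc/pki/tls/certs/ca-bundle.crt
# probe_submission_tls localhost 587 site.com  /etc/pki/tls/certs/ca-bundle.crt
```

Run both invocations from the host that submits mail; a verdict of 0 for the certificate's own name but 62 for the loopback name points at the name the client uses, while 20/21 on both points at the chain or CA bundle.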