Let's Encrypt ssl cert is ok. The problem is you're using the Apache config files modified by LetsEncrypt script.
*) If this is not a production server and reinstalling OS+iRedMail is acceptable, you can reinstall OS+iRedMail first, then request LetsEncrypt ssl cert with its '--webroot' option. Then it just requests cert without modifying any config file. After got the cert, follow our tutorial to modify Apache/Nginx/Postfix/Dovecot config files to use the cert: http://www.iredmail.org/docs/use.a.boug … icate.html
*) If you cannot reinstall OS+iRedMail: Don't use the Apache config files modified by LetsEncrypt, just use the ones generated by iRedMail, and follow our tutorial to use the ssl cert.