I googled, but I didnt come across that one. Thanks jggimi. I knew you lads would know the answer.
I generated some new RSA 2048 bit keys and all was ok.
Code:
postfix/smtps/smtpd[9783]: connect from unknown[10.0.0.66]
Oct 31 11:02:20 mail postfix/smtps/smtpd[9783]: Anonymous TLS connection established from unknown[10.0.0.66]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Oct 31 11:02:21 mail postfix/smtps/smtpd[9783]: 02621701C3F: client=unknown[10.0.0.66], sasl_method=PLAIN, sasl_username=xxxxxxx
Oct 31 11:02:21 mail postfix/cleanup[23539]: 02621701C3F: message-id=<5090789C.4040201@xxxxxx.com.au>
Id thank you but it seems to be removed.
To clarify further. I was doing it the older way (atleast what I think was the older method), where pem files werent necessarily needed. just the old .crt/.key files. That was most likely it. I went over the openssl docs again and saw the difference. (as well as the postfix TLS man, even though I read it 20 times yesterday I guess it didnt click as I had been trying to solve it for so long - amazing what a nights sleep can do).
Thank you again kind sir.