sSMTP errors : `Unable to set TLS_CA_FILE="/full/path/to/file.pem"' then 'Bad Credentials' from gmail

Question

Even though I can succeed in sending mail using swaks with ssmpt protocol, I get an error when I try to use the ssmpt program.

Here is the mail log from the failing ssmtp exchange:

Sep  8 21:25:24 skunk-desktop sSMTP[13400]: Set Root="skunkxunfriend@gmail.com"
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: Unable to set TLS_CA_FILE="/etc/ssl/cert/skunk-desktop.pem"
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: Set MailHub="smtp.gmail.com"
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: Set RemotePort="587"
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: Set AuthUser="skunkxunfriend@gmail.com"
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: Set UseTLS="True"
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: Set UseSTARTTLS="True"
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: Set RewriteDomain="gmail.com"
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: Set HostName="skunk-desktop.attlocal.net"
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: Set FromLineOverride="False"
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: Creating SSL connection to host
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: 220 smtp.gmail.com ESMTP xxxxxxxxxxxxxxxx.26 - gsmtp
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: EHLO skunk-desktop.attlocal.net
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: 250 SMTPUTF8
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: STARTTLS
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: 220 2.0.0 Ready to start TLS
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: SSL connection using RSA_AES_128_CBC_SHA1
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: EHLO skunk-desktop.attlocal.net
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: 250 SMTPUTF8
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: AUTH LOGIN
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: 334 xxxxxxxxxxxx
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: 334 xxxxxxxxxxxx
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: 
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: 535 5.7.8  https://support.google.com/mail/?p=BadCredentials xxxxxxxxxxxxxxxx.26 - gsmtp
Sep  8 21:25:24 skunk-desktop sSMTP[13400]: Authorization failed (535 5.7.8  https://support.google.com/mail/?p=BadCredentials xxxxxxxxxxxxxxxx.26 - gsmtp)

In my ssmtp.conf file there is only a single variable to specify the certificate file, and I have set it as:

• TLS_CA_FILE=/etc/ssl/cert/skunk-desktop.pem

However, the working swanks setup there are places for two file settings, as you can see in the following swanks command line with flags '-tsl-certandtsl-key`:

swaks -t skunkxunfriend@gmail.com \
  -s smtp.gmail.com:587 \
  -protocol SSMTP \
  -tls \
  -tls-cert /etc/ssl/cert/skunk-desktop.pem \
  -tls-key /etc/ssl/private/skunk-desktop.pem \
  -au skunkxunfriend@gmail.com \
  -ap "<password> \
  -apt

So there was no place to specify tsl-key in the ssmtp.conf` file. Notably, swaks has another option to specify the certificate as a single file:

--tls-ca-path <single file does it all>

I used the following to create my own certificate pair of files:

DIRC=/etc/ssl/cert
DIRP=/etc/ssl/private
CNAME=skunk-desktop.pem
openssl req -newkey rsa:4096 -nodes -sha512 -x509 -days 3650 -nodes -out $DIRC/$CNAME -keyout $DIRP/$CNAME
chmod go= $DIRP/$CNAME

I think I might be able to solve this problem by uinstructing openssl to create a single 'CA' file instead of a public/private pair of .pem files. However I don't know how to do that.

Is the problem really just the need to create a single 'CA' file? If not, what is the problem and how can it be solved?