Email certificates expiring on iOS causing a constant pop up every 3 seconds
-
On an iPhone 6s and iPhone 6s Plus, when using imap and smtp, me and my users are getting inncessant pop ups and warning that the certificate for my servers imap and smtp server is not verified and They don’t stop after selecting trust. After the 3rd time selecting trust the pop up occurs the pop up happens, but the option to select trust is no longer available. I can add screenshots to this later.
-
@privsec iphone 6s? Is the certificate saying expired on the iPhone?
If the date on the certificate is good it could be because the phones are too old and the CA certs installed on the devices in question have expired instead. In which case there is no fix except accepting the certs as self-signed. (CA = Certificate Authority. Essentially it's a certificate that tells your phone the cert(s) you have installed on your server are legitimate.)
https://support.apple.com/en-us/HT204477#:~:text=If you want to turn,Mobile Device Management (MDM).
Link may help
-
I had this once. Solved by removing the account and re-adding.
-
@privsec The imap and smtp address seems wrong. It should just be
mail.yourdomain.com
. I assume you change the mail server location tomail.yourdomain.com
in the Email settings page? In your screenshots, it showsimap.mail.yourdomain.com
andsmtp.mail.yourdomain.com
, whic is not correct. -
@privsec So, the address you should be using is
my.domain.com
(as displayed in the screenshot you posted). If you want to change this tomail.domain.com
, you can change it in the UI below under Settings. Click on the edit button on the right of the Mail server location and set it tomail
instead ofmy
:It's important that the mail server location matches what you enter in the iOS client. If they don't match, they will complain that the domain name in the certificate does not match.
Finally, the bug (which I thought is what you hit) is that if you change the mail server location above and then go to the
connection details for other clients
, then it still shows the old mail server location. This is a UI bug which I have fixed now.