SOLVED Email certificates expiring on iOS causing a constant pop up every 3 seconds
On an iPhone 6s and iPhone 6s Plus, when using imap and smtp, me and my users are getting inncessant pop ups and warning that the certificate for my servers imap and smtp server is not verified and They don’t stop after selecting trust. After the 3rd time selecting trust the pop up occurs the pop up happens, but the option to select trust is no longer available. I can add screenshots to this later.
@privsec iphone 6s? Is the certificate saying expired on the iPhone?
If the date on the certificate is good it could be because the phones are too old and the CA certs installed on the devices in question have expired instead. In which case there is no fix except accepting the certs as self-signed. (CA = Certificate Authority. Essentially it's a certificate that tells your phone the cert(s) you have installed on your server are legitimate.)
Link may help
@murgero Both phones are on both 14.4 iOS
Here are all of the screenshots
marcusquinn last edited by
I had this once. Solved by removing the account and re-adding.
@privsec The imap and smtp address seems wrong. It should just be
mail.yourdomain.com. I assume you change the mail server location to
mail.yourdomain.comin the Email settings page? In your screenshots, it shows
smtp.mail.yourdomain.com, whic is not correct.
@girish Here is whats weird, In the connection settings I see
I set the email app to use the mail. subdomain
@privsec That's indeed a bug. If you refresh the browser, it will show the correct connection details. I will get this fixed for next release.
@girish I dont see it changing on a refresh.
But to be clear what is the address I should be using?
@privsec So, the address you should be using is
my.domain.com(as displayed in the screenshot you posted). If you want to change this to
mail.domain.com, you can change it in the UI below under Settings. Click on the edit button on the right of the Mail server location and set it to
It's important that the mail server location matches what you enter in the iOS client. If they don't match, they will complain that the domain name in the certificate does not match.
Finally, the bug (which I thought is what you hit) is that if you change the mail server location above and then go to the
connection details for other clients, then it still shows the old mail server location. This is a UI bug which I have fixed now.
@girish Gotchya, ok. Makes sense, thank you