How to fix iOS Mail ‘Cannot Verify Server Identity’ error with self-signed certificates
Since upgrading my iPhone to iOS 4.2.1 I continually received this annoying popup every time I sent or received email:
I use SSL for both sending and receiving email, and my mail server uses a self-signed certificate. It sounds like this is a common problem with iOS 4.2.1 and self-signed certificates. Some say it’s a bug, while others say it’s Apple’s intended behaviour with self-signed certs. One thing’s certain – it’s frickin’ annoying!
Anyway, after trying all sorts of things suggested in forums, including wiping my mail settings, rebooting, and so on, I finally came across the solution in this forum post. Here are the steps (slightly modified from Drarok’s post):
The steps assume that you already use Apple Mail to access your mail server via SSL, and that you’ve accepted the mail server certificates in Apple Mail. If you haven’t done this then the certificates won’t be on your Mac.
- On your Mac, open your Applications/Utilities folder, and double-click the Keychain Access app to open it.
- Find your mail server in the Name column. There may well be more than 1 entry. Find the entry that has “certificate” in the Kind column, and that has the most recent Expires date. This is the certificate you want. (You should see “This certificate is marked as trusted for…” in the pane at the top of the app.)
- Right/control-click the certificate and choose Export “(mail server name)”:
the certificate on your device.
You should now find that you can send and receive email without receiving the annoying popup. Woo!
By the way, if you ever want to delete the installed certificate, just fire up the Settings app and go to General. Scroll down, and you’ll see a Profile entry towards the bottom. Tap it, then tap the red Remove button.
Bookmark this post:
This entry was posted on Saturday, February 26th, 2011 at 1:08 pm and is filed under iPhone. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response. or trackback from your own site.
8 Responses to “How to fix iOS Mail ‘Cannot Verify Server Identity’ error with self-signed certificates”
Worked like a charm — thank you! iPhone 4 ATT 4.2.1
Stephanie Clark Says:
Thank you (and Drarok) a million times. This error has been driving me NUTS! Your solution worked perfectly. Yay.
Is there a solution for Windows users?
James Gilmore Says:
Not worked for me…. followed to the letter …. but the mail doesnt seem to find the profile ?
@Kramer @Stephanie – thanks, glad it helped!
@Karazy: I’m not sure, to be honest. Does Windows have some kind of certificate repository where you could export the mail server cert in .pem format?
@James: Sorry it didn’t work for you. Are you getting an error message of some sort?
Pleased to say that this works on iOS5 as well.
Thank you so much for posting it.
@Pauli: That’s great to hear! Thanks for letting me know.