This weekend we renewed our certificate in Exchange using our CA. Everything installed normally and Exchange ECP shows the renewed certificate as Valid. After testing Outlook, OWA and email on my android phone, I saw that everything was pulling the new certificate and mail was flowing on the devices normally.
The next day we started getting calls from iOS users stating they cannot access email on their iPhones or iPads. They are getting an error that says, "Cannot Verify Server Identity: The identity of "autodiscover.mydomain.com" cannot be verified by Mail." I jumped on the server to double check "autodiscover" is visible on the new certificate and it is. The new cert is an exact replica of the previous cert, which had worked fine.
Anybody have any thoughts on how to fix this for iOS users? People using the Outlook App on Apple devices are able to access email fine. It's only people using the built-in Mail app provided by Apple.
Troubleshooting I've tried:
Rebooting the Exchange server to reset IIS and other services
Restarting Apple device
Removing and re-adding Exchange account from Apple device
Temporarily turning off SSL on Apple device
Tested adding Exchange account to an Apple device that has never touched our Exchange server
Thank you for the help!