Certificate Issue

kevin taylor
kevin taylor used Ask the Experts™
on
Mobile mail is saying cannot verify identity so users are not getting email.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
EE Solution Guide - Technical Dept Head
Most Valuable Expert 2017
Commented:
Saif ShaikhServer engineer

Commented:
Does the issue happen only with iPhones or android phones

Verify with an Android phone first.

This was an ongoing issue I think which happened with iOS 13 update.
David FavorFractional CTO
Distinguished Expert 2018

Commented:
If you're using a Private CA this will happen for every new device, as each device has no clue about the issuance chain of a Private CA.

Fixes are...

1) You must either have each new device verify + accept the cert, each time the cert is created/renewed.

2) Just use a real cert, like free https://LetsEncrypt.org certs which work with no cert verification/acceptance step required.
David FavorFractional CTO
Distinguished Expert 2018

Commented:
Aside: This could be another problem too.

It may be that iOS 13 update drops support for pre TLSv1.2 TLS protocols, which have all been deprecated now.

This might mean the server running (mail/web/whatever) fails to implement TLSv1.2 + TLSv1.3 or fails to enable these protocols. Most likely you just required enabling these 2x protocols + this may resolve your problem.

This is just a guess as you've provided no server name + port to test.

Author

Commented:
Thanks MAS..

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial