2988 Views 3 Replies Latest reply: Mar 14, 2009 6:50 AM by gmsmith
We have the same problem. (We have over a 1000 iPhones connected to Exchange.) The iPhone is missing certs that are required to recognize the cert you're using as legitimate. We gave up (after requesting that Apple add the certs to the phone) and we simply tell people to ignore the warning. In our case it wasn't a big deal. We already have a two-factor-authenticated Web site that people use for Outlook Web Access. We hung an iPhone-friendly Web site off that main site that people use to install the profile. So, from the iPhone, then go to the setup URL, enter in their two-factor credentials, tap on the profile, accept the non-signed profile warning and continue with the setup. It's worked really well for us though of course, we wish Apple would add the intermediate certs.
As for your other questions, there's no capability currently to do what you're asking.
For the certificate issue you may have to install the root certificate as shown on page 36 of the Enterprise Deployment Guide. http://manuals.info.apple.com/enUS/Enterprise_DeploymentGuide.pdf
Also, this article: http://support.apple.com/kb/HT2185 provides a list of available trusted root certificates.
The Enterprise deployment guide provides other general information that may help like, distributing iPhone applications.