How do I stop this constant pop up on my iPad and iPhone? Cannot Verify Server Identity eas.outlook.com

Posted on Jun 11, 2020 2:12 AM

Question marked as Top-ranking reply

Posted on Jun 11, 2020 3:57 AM

Well - that’s a very good reason...!


Without delving too deeply into how PKI Cryptography works (you can research if you wish) - a certificate chain of trust must link back to a Root Certificate. If any certificates are forged, untrustworthy, or compromised, the chain of trust is broken and you receive a warning. PKI ultimately underpins much of the security of the [reputable] internet - including online retail and banking.


A self-signed certificate has no chain of trust. A self-signed certificate simply says “you can trust me because I say so”; it’s rather like printing your own passport to prove your identity to an immigration official. Trust? Absolutely not!


In this case, the Certificate chain is interrupted and cannot be verified back to Microsoft - or thereafter to an intermediate or root Certificate Authority - causing an alert.


As it is reasonable to assume that Microsoft build and maintain their email and other systems correctly, with a verifiable chain of trust (they certainly won’t “self-sign” anything), something is awry between your device and the service(s) to which you are connecting.


Again, whilst trying to keep this description as non-technical as possible - and without being too alarmist - I suspect that something (or someone) is intercepting your communications for “deep packet inspection”. In corporate environments, this is not uncommon as the “corporate” will be keen to understand the communications travelling both in (and out!) of the organisation.


If you are not communicating via a corporate gateway (e.g., your employer), then perhaps your Internet Service Provider (ISP) or some other entity is intercepting your traffic. Without understanding a lot more (no, please don’t go into details here), I cannot speculate on the reason.


So, assuming that something is happening that is unexpected, there are several things to try. The first is to change your DNS settings to use a known “trusted” DNS provider. For now, I’ll assume that you know how to do so; I recommend that, for the purpose of diagnostics, you use Quad9 Recursive DNS servers as these have a significant security bias.


Use these IPv4 and IPv6 DNS Server addresses:

9.9.9.9

149.112.112.112

2620:fe::fe

2620:fe::9


If your network connection allows, use all four server addresses; the first two are IPv4 - the last two are IPv6.


Once you have manually configured your DNS settings (deleting any automatically configured DNS addresses), re-test and see what happens.



Postscript


I’ve just checked eas.micosoft.com and have successfully verified the trust chain using the TLS Inspector App. It is nominally configured correctly - again suggesting that something is awry with your communications...




It may be worthwhile to install this App and run the same test. The App can be found here:

https://apps.apple.com/gb/app/tls-inspector/id1100539810


I hope this information and guidance is helpful.
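
The trust-chain check described in the reply above can also be run from a computer on the same network as the iPad or iPhone. This is an added example, not part of the original post: it assumes Python 3.7 or later, uses only the standard library, and the function names are illustrative. It attempts a fully verified TLS handshake and reports either who issued the server certificate or why verification failed.

```python
import socket
import ssl

# OpenSSL X509_V_ERR_* codes, exposed as SSLCertVerificationError.verify_code.
VERIFY_HINTS = {
    10: "certificate has expired (also check the clock on this machine)",
    18: "leaf certificate is self-signed: no chain of trust at all",
    19: "chain ends in a self-signed root that this machine does not trust",
    20: "issuer not found locally: missing intermediate or untrusted issuing CA",
    62: "certificate chain is valid but was issued for a different hostname",
}

def explain(verify_code):
    """Map an OpenSSL verification code to a plain-language cause."""
    return VERIFY_HINTS.get(verify_code, f"verification failed (OpenSSL code {verify_code})")

def issuer_org(cert):
    """Return the issuer organisation (or common name) from ssl.getpeercert() output."""
    fields = {key: value for rdn in cert.get("issuer", ()) for key, value in rdn}
    return fields.get("organizationName") or fields.get("commonName") or "unknown"

def check_chain(host, port=443, timeout=5.0):
    """Attempt a verified TLS handshake against host and summarise the outcome."""
    ctx = ssl.create_default_context()  # system trust store, hostname checking enabled
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
                return {"trusted": True, "issuer": issuer_org(cert), "tls": tls.version()}
    except ssl.SSLCertVerificationError as err:
        # Raised when the chain cannot be verified back to a trusted root.
        return {"trusted": False, "code": err.verify_code, "reason": explain(err.verify_code)}
    except OSError as err:
        return {"trusted": None, "reason": f"could not connect: {err}"}

if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "eas.outlook.com"
    print(target, check_chain(target))
```

A result of `trusted: True` with an issuer you do not recognise as a public Certificate Authority is also worth noting: it can mean an inspection gateway's own root certificate has been installed in that machine's trust store.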


3 replies

Jun 11, 2020 2:37 AM in response to AncelM

This type of pop-up is an information warning that suggests that something is wrong with the certificate chain-of-trust that secures communication between your iPad and your email provider’s servers - the certificates providing verifiable cryptographic elements that secure your internet communications.


There are many reasons why this warning may occur - such as a back-end certificate problem (that you can do nothing about), or a potential security issue. If you are handling highly-sensitive business email, then this warning might provoke you to seek advice from your IT/Security staff. Without detailed investigation beyond the immediate scope of this reply, an explicit cause cannot be identified from information presented here.


All that said, I have personally experienced and noted reports of some intermittent issues with Microsoft email and certificate warnings. To date, the observed warnings appear to be benign - and have been very infrequent.
