You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

How do I trust my email host certificate again?

I use a 3rd party email. The certificate expired and then renewed. On my Mac I was able to fix the email by saying "always trust" the cert. But I do not see a way to do this on IOS.


I see that I can delete and recreate the account - but this will be a last resort...

https://supporthost.com/email-certificate/


How can I "trust" my email host certificate again on my iPhone?


Thanks Dave

Posted on May 7, 2022 8:28 AM

Reply
Question marked as Top-ranking reply

Posted on May 25, 2022 10:54 AM

Lawrence Finch:


Why should resolving this require deleting the email account? In our case, our email provider insists it renewed its certificate BEFORE it expired. However, on my iPhone, iPad, and iMac, I got an expired certificate error starting the evening it expired, when using Port 587 for outgoing email on two email accounts. Our email provider said the problem was due to "caching" on my iPhone, iPad, and iMac, while Apple Support insisted no such caching occurs. I resolved it by changing the Port to 465. (A week later, if I change the port back to 587, I once again get the expired certificate error.) On another family member's iPhone and MacBook there was NO certificate error when using Port 465 on a third email account.

8 replies
Question marked as Top-ranking reply

May 25, 2022 10:54 AM in response to Lawrence Finch

Lawrence Finch:


Why should resolving this require deleting the email account? In our case, our email provider insists it renewed its certificate BEFORE it expired. However, on my iPhone, iPad, and iMac, I got an expired certificate error starting the evening it expired, when using Port 587 for outgoing email on two email accounts. Our email provider said the problem was due to "caching" on my iPhone, iPad, and iMac, while Apple Support insisted no such caching occurs. I resolved it by changing the Port to 465. (A week later, if I change the port back to 587, I once again get the expired certificate error.) On another family member's iPhone and MacBook there was NO certificate error when using Port 465 on a third email account.

May 25, 2022 12:45 PM in response to Lawrence Finch

Lawrence Finch,


Thank you for your quick response. I understand what you're saying. I was kind of hoping you might be able to provide some insight into what might have happened in my case, given what Apple Support and my email provider said.


Since changing the SMTP Port from 587 to 465 solved my problem (and the expiration problem never occurred on my family member's devices using Port 465), I thought perhaps the email server was (and is) providing the old, expired certificate on Port 587 and the new, renewed certificate on Port 465, but the email provider insists that is not even possible, and they further insist the certificate was never even allowed to expire on the evening of May 14 and that my devices must all have somehow "cached" the old, expired certificate.


If the email provider is giving me the full story, how did my iPhone, iPad, and iMac end up with an incorrect setting (an expired certificate with complete details) if, as Apple Support says, none of these devices cache or save certificates? Why did all three devices fail to obtain the new, renewed certificate? And why is there no mechanism allowing the customer to get rid of a "wrong setting" (a hidden, cached certificate)?


I'm just trying to figure out what I was told, and no amount of searching on the Internet has led me to any explanation at all.

May 25, 2022 4:32 PM in response to Lawrence Finch

Lawrence Finch:


I have seen information corresponding to what you say about Port 587. However, our email provider's written instructions for years has recommended using 465 as the outgoing port, and has recommended using port 587--with TLS/SSL turned of--only if the customer is having problems sending and receiving email. Months ago, when I suddenly started having problems sending email, they orally recommended changing the port from 465 to 587; I left TLS/SSL on at the time and kept this port setting until encountering the expired certificate on May 14. As I mentioned above, when I changed the port back to 465 on all three devices on both email accounts, the expired certificate error disappeared. Our email provider says they have no idea why this worked, except that they continue recommend using port 465.


(Incidentally, their new certificate started on April 26, but I have no idea when they installed it on their server[s].)


I still have not found a logical explanation for what happened in our case. The answers I received from Apple Support and from our email provider do not provide a coherent picture.

How do I trust my email host certificate again?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.