Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: 8pl
8pl Author
User level: Level 1
13 points

iOS Mail S/MIME cert installed and trusted but “No valid certificates found”

Seems like I have similar problem as described in iOS Mail S/MIME cert installed and truste… - Apple Community. Thread is closed (due to no activity) so I'm starting new one.


I've just purchased S/MIME certificate. It took me < 5 minutes from purchasing it to having Mail working properly in macOS (signing + encrypting). I spend next 5 hours trying to make it work in iOS.

I exported certificate from Keychain Access to p12 file, installed it in iOS (along with intermediate certificate).

In General->VPN & Device Management certificate is "green" (Verified), but in Me->iCloud->iCloud Mail -> iCloud Email Settings -> Advanced -> Sign/Encrypt certificate is "red" (Not Verified).

Mail app shows e-mail sent from macOS as signed and encrypts it properly, but when trying to send e-mail, popup message shows "Unable to encrypt" and sends me to Settings, even though certificate _is_ selected (with checkmark) in Advanced Mail settings.


I managed to configure S/MIME in iOS many times in the past when using previous major versions of iOS. It's just me (or certificate provider) or is it a bug in 16.x version? It works properly in macOS, so it should in iOS as well?



iPhone 8, iOS 16

Posted on Feb 23, 2023 1:43 PM

Reply
Question marked as Best reply
User profile for user: 8pl
8pl Author
User level: Level 1
13 points

Posted on Feb 24, 2023 12:58 AM

OK. I managed to solve the problem. Mail app has constraint (bug) that requires S/MIME to be assigned to default address. I'm using two aliases (excluding AppleID for security reasons) for e-mail communication. S/MIME certificate was purchased for the alias other that the one set as default in iCloud Mail settings. In result certificate was presented (in iCloud Mail settings only) as not trusted and S/MIME encryption/signing was not possible.



As soon as I changed default e-mail address to the alias that has S/MIME certificate installed, situation improved. Certificate is shown as trusted and sending encrypted/signed e-mails is possible.



Problem concerns iOS (iPadOS?) only. My e-mail setup in macOS has not constraint described above.


I don't like the workaround (S/MIME secured alias was not set as defaults for purpose), but have no choice but to leave it as it is and report the bug through "feedback" site.



View in context

Similar questions

1 reply
Question marked as Best reply
User profile for user: 8pl
8pl Author
User level: Level 1
13 points

Feb 24, 2023 12:58 AM in response to 8pl

OK. I managed to solve the problem. Mail app has constraint (bug) that requires S/MIME to be assigned to default address. I'm using two aliases (excluding AppleID for security reasons) for e-mail communication. S/MIME certificate was purchased for the alias other that the one set as default in iCloud Mail settings. In result certificate was presented (in iCloud Mail settings only) as not trusted and S/MIME encryption/signing was not possible.



As soon as I changed default e-mail address to the alias that has S/MIME certificate installed, situation improved. Certificate is shown as trusted and sending encrypted/signed e-mails is possible.



Problem concerns iOS (iPadOS?) only. My e-mail setup in macOS has not constraint described above.


I don't like the workaround (S/MIME secured alias was not set as defaults for purpose), but have no choice but to leave it as it is and report the bug through "feedback" site.



Reply

iOS Mail S/MIME cert installed and trusted but “No valid certificates found”

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up