User profile for user: Carlo Volpi
Carlo Volpi Author
User level: Level 1
8 points

MacOS - Apple Mail cannot trust server certificate

I'm using an e-mail provider using my own domain name. Which means that the server certificate uses the provider domain but I access it using my own domain name. Which triggers a "certificate name does not match input" on all my devices when a new certificate is issued or Apple decides to reset security, like today after upgrading to 14.4.1.

I normally go through the warning and choose "Always Trust" on all Apple devices of the whole family with Mail installed. All 16 of them. Joy.

But no, today this is not possible: there is no drop-down list and MacOS is just showing me the "When using this certificate: Use System Defaults" information.

I'm logged in as administrator as usual. If go to Keychain Access I cannot find the certificate, just the root.


MacBook Pro 15″, macOS 10.12

Posted on Apr 26, 2024 3:36 AM

Reply
6 replies
User profile for user: etresoft
etresoft
User level: Level 8
46,464 points

Apr 26, 2024 8:33 AM in response to Carlo Volpi

Carlo Volpi wrote:

The DNS is working perfectly and has been for the last 21 years.

Allowing this kind of custom domain use for consumer e-mail is a very recent phenomena.

The security issue is the mismatch in the domain name string of the certificate, which is OK and understandable for it to require manual override even if I wish it was less often. Problem is, the override does not seem to be possible as it used to.
I'm trying to describe a change in behaviour for MacOS, more in particular the interface to inspect and change certificate security settings.

Any changes to macOS security certificates would be something to make your system more secure. I strongly recommend that you do not make any changes.


You haven't said what mail service you are using. Without that information, I can't tell you what to do, or even tell you if it is possible. For example, here are Apple's instructions for iCloud. You would have to do something very similar for any other mail provider. That's the only way to do this.

Reply
User profile for user: Carlo Volpi
Carlo Volpi Author
User level: Level 1
8 points

Apr 26, 2024 6:12 AM in response to etresoft

Thank you etresoft. The DNS is working perfectly and has been for the last 21 years.

The security issue is the mismatch in the domain name string of the certificate, which is OK and understandable for it to require manual override even if I wish it was less often. Problem is, the override does not seem to be possible as it used to.

I'm trying to describe a change in behaviour for MacOS, more in particular the interface to inspect and change certificate security settings.



Reply

MacOS - Apple Mail cannot trust server certificate

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up