Apple Intelligence now features Image Playground, Genmoji, Writing Tools enhancements, seamless support for ChatGPT, and visual intelligence.

Apple Intelligence has also begun language expansion with localized English support for Australia, Canada, Ireland, New Zealand, South Africa, and the U.K. Learn more >

You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

📰 Newsroom Update

Voice Memos update brings Layered Recordings to iPhone 16 Pro and iPhone 16 Pro Max. Learn more >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Exchange Self Signed Certificates (Trust Issues with iOS 11)

With the older iPhone iOS versions, accepting a self signed SSL certificate with a company's Exchange server was easily accomplished since you were allowed to "Continue" with the installation setup prompt during the email account setup process. For newer iOS (such as 11.4.1), a self signed certificate is "Not Trusted" therefore the account cannot be setup and will not be enabled by default. If a user restores their settings from their existing iPhone iCloud account, the Exchange settings appear to transfer without a problem, however, if a user is setting up their iPhone without an iCloud restore process or a new user is trying to setup their iPhone with an Exchange account with a self signed certificate, a "Trust" issue will occur. The following procedure worked for our environment as a workaround for using our internal Exchange server with a self signed SSL certificate.


  1. Remove the attempted (Not trusted) "Exchange" account from your new iPhone.
  2. Setup a personal pop email account on the new iPhone such as a gmail, yahoo, etc.
  3. Have your IT administrator "export" the self signed Exchange SSL certificate as a ".cer" file from the Exchange server and email it to the account listed in step 2. (Using Windows Server "Certification Authority" mmc)
  4. Open the email attachment on the iPhone and "Install" the certificate. Installing the certificate should appear as a "verified" certificate (green check mark) when it is installed properly on the iPhone.
  5. Navigate on the IPhone Settings > General > About > Certificate Trust Settings and turn on the "Enable full trust for root certificates" for the installed certificate from step 4.
  6. Reboot the iPhone (required)
  7. Go into the account settings on the iPhone and setup the Exchange account. The Exchange email account should process the setup without any issues.

iPhone X, iOS 11.4.1, Exchange Self Signed SSL Issues

Posted on Aug 6, 2018 10:03 AM

Reply
7 replies

Aug 7, 2018 12:01 PM in response to geoffreyfromwegnez

Your IT Admin must export the self signed certificate as a ".cer" file from the Exchange server and email to a generic pop account that you can access with your iPhone or place it somewhere on a webserver that you can access it which will allow you to import it to your iPhone. it's very similar to this process from portswigger...
https://support.portswigger.net/customer/portal/articles/1841109-installing-burp -s-ca-certificate-in-an-ios-device

Hope this helps.

Aug 8, 2018 11:01 AM in response to ITYipMan

I have been having the same issues connecting my work Exchange email to my iPhone X since the weekend as well. I spoke with my IT guy and he stated that we are not using a "self signed cert" but instead have a certificate signed by RapidSSL - a legitimate certificate company. He email the cert to my gmail to install onto my phone and it is still saying "Not Verified" and can still not access my work email.

Aug 8, 2018 6:08 PM in response to geoffreyfromwegnez

Here are my findings so far... We're running SBS2011 server and doing some more research it appears that SBS uses a built in Certificate Aurthority when it generates the self signed SSL. I used the created self signed ssl certificate that was located in the "C:\Users\Public\Public Downloads" folder of the SBS server and emailed it to a generic pop account on the iPhone which installed without issues. Let me do some more research...

Exchange Self Signed Certificates (Trust Issues with iOS 11)

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.