Just like most cpanel server owners, we are using "self-signed" ssl certificates for our mail (smtp/imap/pop) mail services.
So normally, an iPhone user would simply click "install" or "trust and save this certificate" when connecting the first time over SSL to the mail server to get their mail.
The problem is that iPhone iOS 4.x no longer allows the ability to "save" a self-signed certificate. So the warning/error popup occurs every time the user connects to the mail server over SSL to check their email.
We're trying to figure out how to allow iPhone ios 4.x to save the self-signed certificates... but so far this does not seem too easy for a non-technical user. (Which is most iPhone users.)
So.. as an alternative, we're investigating whether we should perhaps purchase a "real" ssl certificate for all our mail serves. (We haven't done this previously, because it woudl be expensive since we have a lot of servers.)
Can anyone tell me what is involved to do this? The big problem is that all our customers use their own domain name hostnames for connecting to the servers. For example:
(They do not use our server's hostname to connect.)
So... my question... is if we install a real SSL certificate for the server hostname.. would this fix the problem? Or would it continue, because the customer is using their own "mail.customerdomain.com" domain and not the hostname of the ssl certificate?
In other words... can this problem be fixed easily if the customer purchases their own unique ssl certificate for "mail.customerdomain.com"? (But then.. how would we install that onto the server since there is only one mail server, and mail.customerdomain.com is just basically a pointer?)
Thanks very much for any help.