Results 1 to 2 of 2

Thread: Issues with iPhone and self-signed ssl certificates

  1. #1
    Registered Member
    Join Date
    Nov 2001
    Posts
    646

    Question Issues with iPhone and self-signed ssl certificates

    Hello,

    Just like most cpanel server owners, we are using "self-signed" ssl certificates for our mail (smtp/imap/pop) mail services.

    So normally, an iPhone user would simply click "install" or "trust and save this certificate" when connecting the first time over SSL to the mail server to get their mail.

    The problem is that iPhone iOS 4.x no longer allows the ability to "save" a self-signed certificate. So the warning/error popup occurs every time the user connects to the mail server over SSL to check their email.

    Not good.

    We're trying to figure out how to allow iPhone ios 4.x to save the self-signed certificates... but so far this does not seem too easy for a non-technical user. (Which is most iPhone users.)

    So.. as an alternative, we're investigating whether we should perhaps purchase a "real" ssl certificate for all our mail serves. (We haven't done this previously, because it woudl be expensive since we have a lot of servers.)

    Can anyone tell me what is involved to do this? The big problem is that all our customers use their own domain name hostnames for connecting to the servers. For example:

    SMTP: mail.customerdomain.com
    IMAP: mail.customerdomain.com

    (They do not use our server's hostname to connect.)

    So... my question... is if we install a real SSL certificate for the server hostname.. would this fix the problem? Or would it continue, because the customer is using their own "mail.customerdomain.com" domain and not the hostname of the ssl certificate?

    In other words... can this problem be fixed easily if the customer purchases their own unique ssl certificate for "mail.customerdomain.com"? (But then.. how would we install that onto the server since there is only one mail server, and mail.customerdomain.com is just basically a pointer?)

    Thanks very much for any help.
    I am an eNom ETP.
    Sign up today if you want an eNom.com domain reseller account from a reliable provider.
    * We now provide support and service to over 3250 happy resellers!

  2. #2
    Registered Member
    Join Date
    Nov 2005
    Posts
    9

    Default Re: Issues with iPhone and self-signed ssl certificates

    We have seen this same issue with the new iPhones. It has also always been an issue when using secure email and a Microsoft Outlook client. If I understand correctly, Microsoft limits which SSL's they will recognize as not being self-signed to a small group of expensive SSL's.

    I'd appreciate if anyone has some information about what *low-cost* SSL's can be installed in WHM to take care of this issue for both iPhone and Outlook.

    Thanks.

Similar Threads

  1. Filed with Developers [Case 48781] cPanel => TLS/SSL Manager => Create Self-Signed SSL limited St
    By inetbizo in forum Feature Requests for cPanel & WHM
    Replies: 1
    Last Post: 05-18-2011, 12:58 PM
  2. with cpanel can you do self signed certificates?
    By ullalla in forum cPanel & WHM Discussions
    Replies: 1
    Last Post: 02-06-2008, 09:43 PM
  3. Firefox 3 & self-signed SSL certificates
    By Nefedov in forum cPanel & WHM Discussions
    Replies: 4
    Last Post: 12-28-2007, 08:56 AM
  4. SSL Certificates - Deleting unwanted certificates
    By DReade83 in forum cPanel & WHM Discussions
    Replies: 1
    Last Post: 06-18-2007, 07:47 AM
  5. Self-Signed Certificates?
    By bvanderw in forum cPanel & WHM Discussions
    Replies: 4
    Last Post: 02-22-2007, 06:13 PM
bargain