Issues with iPhone and self-signed ssl certificates


Well-Known Member
Nov 5, 2001

Just like most cpanel server owners, we are using "self-signed" ssl certificates for our mail (smtp/imap/pop) mail services.

So normally, an iPhone user would simply click "install" or "trust and save this certificate" when connecting the first time over SSL to the mail server to get their mail.

The problem is that iPhone iOS 4.x no longer allows the ability to "save" a self-signed certificate. So the warning/error popup occurs every time the user connects to the mail server over SSL to check their email.

Not good.

We're trying to figure out how to allow iPhone ios 4.x to save the self-signed certificates... but so far this does not seem too easy for a non-technical user. (Which is most iPhone users.)

So.. as an alternative, we're investigating whether we should perhaps purchase a "real" ssl certificate for all our mail serves. (We haven't done this previously, because it woudl be expensive since we have a lot of servers.)

Can anyone tell me what is involved to do this? The big problem is that all our customers use their own domain name hostnames for connecting to the servers. For example:


(They do not use our server's hostname to connect.)

So... my question... is if we install a real SSL certificate for the server hostname.. would this fix the problem? Or would it continue, because the customer is using their own "" domain and not the hostname of the ssl certificate?

In other words... can this problem be fixed easily if the customer purchases their own unique ssl certificate for ""? (But then.. how would we install that onto the server since there is only one mail server, and is just basically a pointer?)

Thanks very much for any help.


Nov 6, 2005
We have seen this same issue with the new iPhones. It has also always been an issue when using secure email and a Microsoft Outlook client. If I understand correctly, Microsoft limits which SSL's they will recognize as not being self-signed to a small group of expensive SSL's.

I'd appreciate if anyone has some information about what *low-cost* SSL's can be installed in WHM to take care of this issue for both iPhone and Outlook.