If you keep getting the “Cannot Verify Server Identity” Popup on and on on your iphone after an update as it recently happened with the iOS 11.3 Update. Find two possible solutions for your problem in this post.
Why is that message appearing?To give you a short introduction to those issues and why that message keeps appearing, I’d like to give you one main reason for that: it’s an insecure SSL certificate of your provider. But how can that be insecure? I am sure, that you are not having any problem with certificates from huge mail providers like GMX, Hotmail, Telekom, etc.. Most likely, it’s going to be the smaller providers or even more likely your own server/domain. Make sure, to check that first. In the following part, I tell you about two possible solutions for that problem.
Solution 1: Delete Mail Account – Setup of New Mail Account
Step 1: Close all open appsiPhone 8 and below:
- Double press the home button below the center of the screen. The screen(s) of the opened app(s) will show up.
- Swipe the app window vertically from bottom to the top of the screen.
- The app will be closed.
- From the home screen, swipe up and pause.
- Firmly touch and hold the app, then tap. You can also use the “old” way and swipe up to close the app as soon as you see.
- The app will be closed.
Step 2: Restart your iPhoneHaving installed the iOS Update, you should make sure that you try deleting the cache of your iPhone first, before trying any other solution. Here is how to do that: Press the on / off button most likely on the right side of the iPhone together with one of the volume buttons for a few seconds. First, the slider to power off the iPhone will appear on the screen. Keep pressing both buttons until the iPhone turns off. Then restart the iPhone by pressing the power on/off button on the right side as usual. This will force restart the iPhone. Any data from open apps might be lost during this process. So make sure to close all apps first (see step one).
Step 3: Check if the problem still existsWhen the iPhone went through the restart process, check whether the problem still persists. You might be able to confirm the “old” SSL certificate now. That way, the message “verify server identity” will no longer occur. In case the problem still exists, proceed to step 4.
Step 4: Delete the affected mail accounts and restart iPhoneIf step 1 – 3 did not work out for you, the next step is to delete the affected mail accounts. You can find the Mail-Accounts in the Settings App >> Accounts and Passwords. As soon as you did that you will have to restart your iPhone again the regular way. Otherwise, it will most likely happen that the iOS Software does not recognize that you already deleted the account.
Step 5: Setup your Mail-Accounts and accept the certificate of the serverHaving restarted the phone again you can enter your account credentials for all accounts you deleted in step 4. Then you should be able to accept the certificate again and the message should not appear again. That will help for sure for a while – at least till the next iOS Update. So there is a better solution which is a bit more effort. Therefore you should make sure that you have access to your server as it is a problem of hosted servers that do not have a valid SSL certificate.
Solution 2 (aka. the permanent solution): get your SSL Settings right.For me the verify server identity problems disappeared as soon as I installed a free SSL certificate for my domains on our servers from letsencrypt. letsencrypt.org was formed as “answer” to the initiative of Google and other browser providers, to no longer open unsecured URLs or domains without a warning for the user. Due to this initiative of Google and Co. even private website owners are forced to use SSL certificates for their domains. Since I won’t be able to cover the exact process of how to add an SSL certificate on your provider from letsencrypt.org, please make sure to contact your client service or have a look at the FAQ section of your hosting service. There are just two things I would like to ask you to do:
- Please make sure to add the subdomain mail.yourdomain.tld first.
- Install an SSL certificate from letsencrypt.org for the main domain www.yourdomain.tld and yourdomain.tld as well as a separate certificate for mail.yourdomain.tld.