![os x mail 11.4 force renew certificate os x mail 11.4 force renew certificate](https://media.wired.com/photos/62278f9344425e17cb3600da/master/w_2400,h_1800,c_limit/Gear-Apple-iOS-15-AirTag.jpg)
The longer history is that the certificate expired last year and I couldn't get iOS 12 to accept a new CA + Server Cert, which I generated using certutil on the platform that runs the IMAP service (not a Mac). I am now faced with a pop-up, every few seconds stating, "Cannot Verify Server Identity" in the middle of anything I am doing on the iPad. Nonetheless, attempting to read e-mail from my private IMAP server results in "Cannot Verify Server Identity" as if the server's cert is not being properly matched to the CA's profile.
![os x mail 11.4 force renew certificate os x mail 11.4 force renew certificate](https://www.digicert.com/kb/images/support-images/osx-maverick/mac-os-x-mavericks-export-ssl-certificate1.png)
The CA showed up under Settings -> General -> About -> Certificate Trust Settings as already trusted. The upgrade to iPadOS 13 removed the CA's profile, so I re-installed the CA's profile. I already had the CA's profile installed and trusted before upgrading my iPad Pro to iPadOS 13.0 (beta).
![os x mail 11.4 force renew certificate os x mail 11.4 force renew certificate](https://www.inmotionhosting.com/support/wp-content/uploads/2017/02/apple-mail-error_choose-mail1.png)
Os x mail 11.4 force renew certificate install#
On iOS 12.x, things got harder, but I was able to install the CA as a Profile, then go to Settings -> General -> About -> Certificate Trust Settings to mark the CA as trusted, and that allowed the Mail app to trust the IMAP server's certificate (via the private CA via the trusted profile). I run a private IMAP server that uses a certificate signed by a private Certificate Authority (I created the CA in Keychain.app on my Mac and I then created the IMAP server's cert, signed by the private CA taken from Keychain.app).Ī long time ago, iOS Mail app made it easy to get my mail by first warning about the cert, but then easily allowing me to trust the cert with a simple click.