7,925 questions
I think this a known issue:
https://learn.microsoft.com/en-us/exchange/troubleshoot/mobile-devices/cannot-create-mail-profile-on-ios-device-via-autodiscover
Exchange 2019 on-premises auto-discovery issue with IOS Mail app. Mail app discovers wrong SSL
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 69%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBC%3C/text%3E%3C/svg%3E)
Brian Cox
1
Reputation point
So I have my Exchange 2019 hosted on-premise with a purchased SSL for mail.example.com. Outlook and OWA work great with auto-discovery both onsite or offsite. When I add an email account into my iPhone mail app that is on my Exchange server i get an error "Cannot Verify Server Identity" This clearly is happening because the IOS app is loading a certificate from my hosting company for my website avsimplified.com However my exchange server is on my own server at mail.avsimplified.com
So avsimplified.com is at 66.96.147.96 public IP address and mail.avsimplified.com is at 173.218.1.192 public IP address.
I have added to my Godaddy DNS the following:
srv _autodiscover._tcp.mail 0 0 443 mail.avsimplified.com. 600 seconds
I am at a loss how to get the IOS app to pull the correct AutoDiscover and therefor the correct SSL certificate. Any help would be greatly appreciated.
Microsoft Remote Connectivity Analyzer results are as follows:
http://avsimplified.com/RCATestResult.html
AutoDiscover XML Tool Log
Exchange | Exchange Server | Management
1 answer
Sort by: Most helpful
-
Andy David - MVP 157.9K Reputation points MVP Volunteer Moderator2022-01-23T16:21:47.707+00:00 -
Brian Cox 1 Reputation point
2022-01-23T20:35:04.3+00:00 Yep it is. So how do i fix it? Link doesn't give a lot of useful information. Nothing I haven't already stated in my question.
-
Andy David - MVP 157.9K Reputation points MVP Volunteer Moderator
2022-01-23T20:48:16.36+00:00 Well, unfortunately, you may need to create the profiles manually if you don't control that root site.
I Dont think that root has a valid matching cert associated with it , does it?
This article touches upon the issue as well.
If you have access to fix things at the root:https://practical365.com/fixing-autodiscover-root-domain-lookup-issues-mobile-devices/
Sign in to comment -