- Joined
- Jul 23, 2012
- Messages
- 341
- Reaction score
- 1
- Points
- 18
I have wasted hours and hours and HOURS trying to get encrypted email working on my iPhone. After a YEAR, I have finally managed it. It actually works!!!!!!!
I used the Keychain Access application to create a certificate for a certificate authority, shown in the attached images as "Company Name", as a self-signed root certificate. I got this on the phone as a profile, and it is "trusted". This cert can be used to sign other certs only.
Then I use the above cert to create as the issuing CA for a "leaf" certificate. This cert can be used to sign and encrypt emails. I got this installed on the phone as a "untrusted" profile. I do not understand this. The whole point of going the "own CA route" was to end up with something that I would be trusted. I tried the CA cert, and the CA issued the second cert, which should then be trusted since it was issued by a trusted CA. But it's not. And no amount of fooling around results in a cert that can be used to sign and encrypted emails which also shows up as "trusted" in the profiles.
Now, what I have WORKS - I can send and received signed and encrypted emails. But I'm baffled as to why cert #2 will not install as trusted.
I used the Keychain Access application to create a certificate for a certificate authority, shown in the attached images as "Company Name", as a self-signed root certificate. I got this on the phone as a profile, and it is "trusted". This cert can be used to sign other certs only.
Then I use the above cert to create as the issuing CA for a "leaf" certificate. This cert can be used to sign and encrypt emails. I got this installed on the phone as a "untrusted" profile. I do not understand this. The whole point of going the "own CA route" was to end up with something that I would be trusted. I tried the CA cert, and the CA issued the second cert, which should then be trusted since it was issued by a trusted CA. But it's not. And no amount of fooling around results in a cert that can be used to sign and encrypted emails which also shows up as "trusted" in the profiles.
Now, what I have WORKS - I can send and received signed and encrypted emails. But I'm baffled as to why cert #2 will not install as trusted.