This article describes the issue of the cannot verify server identity, Exchange Activesync can’t verify the identity of the activsync.networkutils.com error message being generated from the default profile, when a user attempts to register an iOS device.
- A user attempts to register an iOS device.
- The device generates the cannot verify server identity, Exchange Activesync can’t verify the identity of the activsync.networkutils.com error message from the default profile.
When a client/iOS device attempts to make a secure connection, it inspects the server’s certificate to verify if the client should trust the server. If a certificate is self signed or from a untrusted CA, then it will ask the user permission to continue. iOS versions earlier than 4.2, stored the trust exceptions on a per-certificate basis, which means that each certificate had a trust exception set against it.
However, in iOS 4.2, exceptions are maintained per host. So, if the server uses multiples certificates for different services, the client will prompt you to trust each certificate, each time it connects. This can become an issue when connecting via Microsoft’s forefront TMG 2010 gateway, if the SSL connection is enabled. This issue is resolved in iOS 4.2.5 or later.