The “Cannot Verify Server Identity” error typically appears when an email app or device cannot confirm the security certificate of the server it is trying to connect to. While the message may feel alarming, it is actually a protective security feature designed to prevent your data from being intercepted or compromised.
This error is most commonly seen on:
- iOS and iPadOS devices
- macOS Mail
- Microsoft Outlook
- Other email clients using IMAP, SMTP, or Exchange
In most cases, the issue is caused by certificate mismatches, expired SSL certificates, incorrect server settings, or recent server changes and can be resolved safely.
In this guide, we’ll cover why the error occurs, step-by-step troubleshooting for users, advanced fixes for server administrators, and best practices to prevent future SSL/TLS issues.
- Why Does the “Cannot Verify Server Identity” Error Occur?
- How to Fix the “Cannot Verify Server Identity” Error
- 1. Restart Your Device and Network Connection
- 2. Check the SSL Certificate on the Server
- 3. Verify and Update Email Account Settings
- 4. Remove and Re-add the Email Account
- 5. Reset Network Settings (iOS & Android)
- 6. Use a Trusted SSL Certificate (Server Administrators)
- 7. Test with an Alternate Email Client or Webmail
- Best Practices to Prevent Future SSL/TLS Issues
- Our Scope of Support
- FAQs
- Additional Resources
Why Does the “Cannot Verify Server Identity” Error Occur?
When a device connects to a server using SSL/TLS encryption, it checks that the server’s certificate is valid, trusted, and correctly configured. The error occurs when this verification fails.
Common causes include:
Expired SSL Certificate
SSL certificates have a fixed validity period. Once expired, devices will no longer trust the server.
Domain Name Mismatch
The server name you are connecting to must match the Common Name (CN) or Subject Alternative Name (SAN) listed on the certificate.
For example, using an IP address instead of mail.yourdomain.co.za will trigger this error.
Self-Signed Certificates
Many devices and email clients reject self-signed certificates unless they are manually trusted.
Untrusted Certificate Authority (CA)
If the certificate was issued by a CA not recognised by your device, verification will fail.
Network Interference
Public Wi-Fi networks, captive portals, VPNs, or firewalls can interrupt certificate validation.
Incorrect or Outdated Email Settings
Incorrect server names, ports, encryption types, or outdated configurations in email settings commonly cause this issue.
How to Fix the “Cannot Verify Server Identity” Error
1. Restart Your Device and Network Connection
Before making changes, it is important to rule out potential temporary issues.
iOS / iPadOS / macOS
- Close the Mail app completely
- Restart your device
- Reconnect to a stable network
Windows / Android
- Close the email client (Outlook, Thunderbird, etc.)
- Restart the device
- Switch between Wi-Fi and mobile data if possible
2. Check the SSL Certificate on the Server
If you manage the server or domain:
- Open a browser and visit https://yourmailserver.com
- Click the padlock icon in the address bar
- Review whether the certificate is valid, expired, or mismatched
If the certificate is expired or untrusted, it must be renewed or replaced.
3. Verify and Update Email Account Settings
Verify that you have the correct email settings for your device and email client.
iPhone / iPad (iOS Mail App)
- Go to Settings → Mail → Accounts
- Select the email account
- Confirm Incoming and Outgoing server settings
- Ensure the hostname matches the SSL certificate
Outlook (Windows / macOS)
- Go to File → Account Settings
- Select the account and click Change
- Verify server names and encryption settings
- Update ports under Advanced Settings
Correct ports with SSL to be enabled:
- IMAP: 993
- POP3: 995
- SMTP: 465 or 587
4. Remove and Re-add the Email Account
If the issue persists, reconfiguring the account by removing and re-adding the email account often resolves cached or outdated settings.
- Remove the email account
- Restart your device
- Re-add the account using the correct server details
On iPhone/iPad:
- Go to Settings > Mail > Accounts.
- Select the problematic account and tap Delete Account.
- Restart your device and re-add the account with the correct settings.
On Windows/macOS:
- Remove the affected account and restart your device.
- Add the account again with the correct server details.
5. Reset Network Settings (iOS & Android)
iOS / iPadOS
- Settings → General → Reset → Reset Network Settings
Android
Many modern Android phones (Android 10+) for resetting network settings, though it can vary slightly by manufacturer.
For Samsung devices, you can follow these steps:
- Settings → General management → Reset → Reset network settings → Reset settings → Reset
For many other Android devices, you can follow these steps (may slightly vary):
- Settings → System → Reset options → Reset Wi-Fi, mobile & Bluetooth
IMPORTANT: This removes saved Wi-Fi passwords.
6. Use a Trusted SSL Certificate (Server Administrators)
cPanel
- SSL/TLS → Manage SSL Sites
- Verify or reinstall the certificate
- Use Let’s Encrypt or another trusted CA
Linux Mail Servers
- Confirm the correct certificate paths in
/etc/postfix/main.cf:
smtpd_tls_cert_file=/etc/ssl/certs/server.pem
smtpd_tls_key_file=/etc/ssl/private/server.key- Restart mail services after changes:
sudo systemctl restart postfix7. Test with an Alternate Email Client or Webmail
If the error only appears in one app, test using webmail or another email client to isolate the issue.
Best Practices to Prevent Future SSL/TLS Issues
- Monitor SSL certificate expiry dates
- Always use domain-based server names
- Keep devices and email apps updated
- Avoid configuring email on unsecured public networks
- Document DNS and server changes
Our Scope of Support
If you’re stuck and need any additional guidance or support, here’s an outline of what we can do and what is not within our Scope of Support.
We can assist with:
- Checking SSL certificate validity
- Verifying DNS and mail server records
- Confirming correct server configuration
- Guiding safe troubleshooting steps
Advanced Support (Paid Services)
We may assist with some services that require advanced support.
- Device operating system bugs
- Forcing trust on invalid certificates
- VPN or third-party firewall configuration
FAQs
Q. Is this error dangerous?
Not inherently, but it should never be ignored. It exists to protect your data.
Q. Is this error a sign that my email has been hacked?
No, it is a security warning designed to protect you.
Q. Should I click “Continue” or “Trust”?
Only if you are absolutely certain the server is legitimate.
Q. Why does this happen on my phone but not my computer?
Devices handle certificate caching and security checks differently.
Q. Will re-adding my email fix the issue?
Yes, especially after DNS, hosting, or SSL changes.
Additional Resources
What Is SSL and Why It Matters
Basic Troubleshooting Steps for Email
Troubleshooting a Security Certificate Warning Pop-Up in Outlook
Email Error Messages and How to Fix Them
How to Secure Your Website
Understanding DNS Records and How to Check These
How DNS Propagation Works
Need Additional Support?
We’re Here to Help:
Fixing a “Cannot Verify Server Identity” error doesn’t have to feel technical with this easy-to-reference guide. Stuck? Check out our Scope of Support, and then contact our Support Team for further clarity and guidance (https://1grid.co.za/contact-us/). We’re ready to see how we can help!