I’m using a Let’s Encrypt Certificate to publish our Exchange Server. If I do connect via browser the certificate is validated by the browser without error.
When I do use the Android E-Mail app (I’ve tried Versions 4 to 6.0.1) using ActiveSync (HTTPS based access) the E-Mail app says that it could not connect to the server. When I switch to “accept all certificates” it connects to the server.
The same phone using the browser can connect to the mail server using the Outlook Web Access page and no certificate errors are shown.
The server is using the DNS name mail.beko-group.com I’ve tried two certificates, one registered directly to mail.beko-group.com and one to portal.beko-group.com with additional names including mail.beko-group.com. Both certificates produce exactly the same behaviour. However I’ve not found a way to see why the certificate is rejected by the app. So what is wrong here? Does the app not use the phone’s trusted certificate store or is there a problem with my certificate?