Citrix WorxMail (iOS) connection fails with SLL Error

In one of my Citrix XenMobile implementations I had an interesting problem with WorxMail for iOS. If we tried to connect WorxMail to the internal Exchange Servers we always received the error:

Not trusted SSL Certificate.

We started to check the connections but everything was working fine. Also we didn’t have any problem with WorxMail for Android. For the connection we used the STA-Method and not a Micro VPN. After checking everything deeper we found that WorxMail still was initiating a direct connection to the internal Exchange-Server through the NetScaler Gateway. Of course the internal servers used a certificate from the internal Root-Ca. After importing the Root-CA-Certificate into our iOS-Devices everything was working fine.

Actually that was not really a solution for us – deploying the internal Root-CA-Certificate to BYOD devices would have been a lot of work (people with BYOD devices don’t want to connect their device to the companies owned MDM-Solution for an automatic deployment). We started to look for other solutions and luckily Citrix just published the new WorxMail Version 1.3. After importing this version into the AppController a new Application Policy was available:
Accept all SSL certificates

After activating the policy and deploying the new WorxMail Version connections to our internal Exchange Servers worked without any problems (and of course without deploying the internal Root-CA-Certificate).