Hi Aki and all, Thanks for the feedback.
I have removed the home-made root CA and the home-made server cert signed by the root CA, replaced it with valid Let's Encrypt cert and all works well. Whilst the home-made certs have always worked well (years) with Thunderbird clients and iOS 12.x, the new iOS 13.0 is now very picky about the cert parameters. The Let's Encrypt cert is a good solution, although I may eventually explore learning how to properly use OpenSSL to generate home-made root CA and server certificates. Can anyone point me to a good resource that has all the information for generating these certs? Kind regards, Peter
signature.asc
Description: OpenPGP digital signature
