Apple Mail will retrieve certificates from the GAL. I’ve tested and it works.
What it won’t do is retrieve them from other directory services, even if other products, say Outlook 2011, can/do.
On Jul 23, 2015, at 3:59 PM, VaibhaV Sharma <
email@hidden> wrote:
The other aspect is how this would work from outside a secure network if only activesync (https) port is reachable from the client. On OS X, it does a ldap lookup but I don’t remember if keychain on iOS was able to follow activesync or required ldap access.
Activesync provides protocol exchanges for getting certificates from the GAL. Sounds like Apple just doesn’t use them.
Paul Nelson
Thursby Software Systems, Inc.