Why is the CAcert root certificate not trusted on iOS devices?
I distinctly remember that when I bought my first iPhone and iPad a couple of years back, I was able to install the CAcert root certificate on those devices and iOS would trust the certificate. These days, however, I can't get this to work anymore. Whenever I install the certificate, iOS always marks it as "not trusted". What is the reason for this? And even more importantly, how can I fix it?
The devices I am talking about are an iPad 2 (iOS 7), an iPhone 3GS (iOS 6) and an iPhone 4S (iOS 7).
It turns out that iOS 5 and newer no longer trust certificates that are signed with the MD5 hash algorithm. This is confirmed by the official Apple support document http://support.apple.com/kb/TS4133.
The current CAcert root certificate is signed with MD5, so there is no fix for the problem until CAcert issues a new root certificate.