Best answer by Zdenek Pala
iOS versions 10.3 and higher don’t trust root certificates that aren’t already pre-loaded in their certificate store. It does not appear that there is any way to allow non-trusted certificates (as you can do via Mac OSx).
Unless you’ve replaced your server certificate with one from a trusted root authority this issue will exist.
The workaround for customers who want to use XMC on iOS devices is to purchase and install a valid certificate from one of the Trusted Root CAs .
There is a GTAC article on how to generate a CSR on an XMC server to send to the CA and also how to install the retrieved Cert from them here:
Hope it helps.