Re: usually when we set a phone it asks to be device administrator
Other apps (Gmail, ...) may prompt the user to set themselves as a "device administrator" if the Exchange server has a policy for that.
This is used for "remote wipe" (lost phone, triggered by the Exchange admin).
Aqua doesn't ask to be made a "device admin" and doesn't support remote wipe, which as we've seen so far makes it easier for users.
Re: certificate
Depends what you mean here:
- If you mean that the network connection to server is encrypted by SSL / TLS, just like an "https:" web site - fine, most if not all Exchange servers are that way.
No connection at all to what I wrote above (about "Device admin"), with Aqua or any other app. It's just about encrypting the network traffic.
- If you mean that the server requires connecting apps (clients) to use a so called "client certificate" (in addition to network traffic encryption, above) - we just added this into our current "work in progress" version 1.11.
This version is available here on the forum under "development builds" or in Google Play as a "beta":
https://play.google.com/apps/testing/org.kman.AquaMailThere is a button to choose a client cert on Aqua's "Exchange account setup" screen.
To install a client cert "into" your phone, the phone (Android) will want you to set a "secure" method for "unlocking the screen", i.e. PIN code / fingerprint / pattern (not "just swipe to unlock"), but that's not an Aqua Mail requirement, rather it's Android keeping your "client certificate" secure.