My company uses SSL certificates from IPSCA. They are cheap (especially for wildcard certs), but they also kind of suck (since they had a short validity and their level 1 intermediate cert expired 31 of Dec 2009).
To login to our Zimbra email over HTTPS I need to accept the new level 1 intermedia CA every time I want to read my email! Not funny and hence this:
Download the new SSL cert bundle from your CA. Send it as an email to any email account you have configured in your iPhone, press the attachement and you will enter a config program, select Install on your certificate, (it will complain about it not being signed, but nevermind).
Presto! Now I can visit the email server again without the pesky SSL error.
Tip-of-the-hat goes to this forum that provided the clues for the answer.
Ok, so I was stupid, which goes hand in hand with reading blogs instead of thinking for oneself: I could have just visited the website and clicked on the .crt link in the browser. When that happens, the "Install Profile" pops up. Just click install, enter your pin and you are done. KTHXBYE.