[ExchangeList] Re: Problem setting up Microsoft Exchange Active Sync

  • From: "Todd Lemmiksoo" <tlemmiksoo@xxxxxxxxxxxx>
  • To: <exchangelist@xxxxxxxxxxxxx>
  • Date: Tue, 21 Apr 2009 11:40:29 -0400

Thanks Rick.

________________________________

From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Rick Boza
Sent: Tuesday, April 21, 2009 11:04 AM
To: exchangelist@xxxxxxxxxxxxx
Subject: [ExchangeList] Re: Problem setting up Microsoft Exchange Active
Sync


While its definitely easier with a cert purchased from a trusted root,
all that is involved in getting it to work with a cert from your own CA
is installing a copy of your cert onto the device.  

See http://technet.microsoft.com/en-us/library/cc182295.aspx and
http://www.jacco2.dds.nl/networking/windowsmobile-certinstall.html for
info. 

Rick


On Tue, Apr 21, 2009 at 10:56 AM, Todd Lemmiksoo
<tlemmiksoo@xxxxxxxxxxxx> wrote:


        Thanks Chris. I don't think I can get the President of our
company to pay for a commercial certificate right now. This is the only
mobile device that would be using ActiveSync.

________________________________

        
        From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Wall
        
        Sent: Tuesday, April 21, 2009 10:01 AM 

        To: exchangelist@xxxxxxxxxxxxx
        Subject: [ExchangeList] Re: Problem setting up Microsoft
Exchange Active Sync
        


        That would be the problem...

         

        This is the only reason that I went with a well known Cert
Authority (and one that Windows Mobile as well as other Mobile devices
will accept).

         

        Paying for the Cert will save you many hours of troubleshooting
with Mobile devices and will keep you from having to physically touch
each device to force the Cert to be accepted (this in itself is a pain).

        
        
        

         

        From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Todd Lemmiksoo
        Sent: Tuesday, April 21, 2009 9:36 AM
        To: exchangelist@xxxxxxxxxxxxx
        Subject: [ExchangeList] Re: Problem setting up Microsoft
Exchange Active Sync

         

        I created the Cert in-house, my DC (PDC) is my CA. Our OWA url
is https://owa.all-mode.com

         

        The mobile device belongs to one of our sales guys, it is a PALM
Treo 700wx with WM 6.0 software.

        I will check the links you provided next.

         

        Todd

         

________________________________

        From: exchangelist-bounce@xxxxxxxxxxxxx
[mailto:exchangelist-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Wall
        Sent: Tuesday, April 21, 2009 9:27 AM
        To: exchangelist@xxxxxxxxxxxxx
        Subject: [ExchangeList] Re: Problem setting up Microsoft
Exchange Active Sync

        Todd -

         

        Who is your Certificate Authority and what type of Cert is it?

         

        Windows Mobile devices recognize only a small # of Certificates
(especially older Windows Mobile devices).  If you are having issues
connecting, the issue most likely is that the Cert you are using on your
front end is not an accepted one for Windows Mobile devices.

        See this: http://support.microsoft.com/kb/915840

         

        Or this:
http://www.google.com/search?sourceid=navclient&ie=UTF-8&rlz=1T4GGLL_en&;
q=Windows+Mobile+trusted+SSL+

         

        To verify, you can request a 'trial' certificate from Thawte.com
(SSL 123 type) and deploy.  This is a fully functional cert for 30 days
that is accepted by all Windows Mobile devices without having to force
the device to accept it and the authority.

         

        What is your OWA URL?  

        
        good luck.

         

        Chris

        
________________________________


        From: Todd Lemmiksoo <tlemmiksoo@xxxxxxxxxxxx>
        To: exchangelist@xxxxxxxxxxxxx
        Sent: Monday, April 20, 2009 7:20:46 PM
        Subject: [ExchangeList] Problem setting up Microsoft Exchange
Active Sync

        I'm have difficulty setting up Exchange ActiveSync in a single
Exchange 2003 setup. The Exchange server is front ended by ISA2006 SE. I
have read and used the article "How to Publish Microsoft Exchange Active
Sync with ISA Server 2006" by Marc Grote. The error that the mobile
device gets is "The security certificate on the server is invalid.
Support Code : 0x80072f0d". I have the OWA certificate installed on the
Exchange and ISA servers since Sept 2007. OWA has been working fine
since that time. I think my problem is related to SPN for
HTTP/owa.all-mode.com. Should this be on the Exchange or ISA server?

        Any help is greatly appreciated. 

        Todd Lemmiksoo 
        Network Administrator 

        All-Mode Communications, Inc. 
        1725 Dryden Road 
        Freeville, New York  13068 
        (607) 347-4164 x440 
        1-877-ALLMODE  (toll free) 
        http://www.all-mode.com <http://www.all-mode.com/>

Other related posts:

  1. Home
  2. exchangelist
  3. Archive
  4. 04-2009