Exchange Server Forums

SSL + ActiveSync = Fail

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [Microsoft Exchange 2003] >> Outlook Web Access >> SSL + ActiveSync = Fail

Page: [1]

Message

<< Older Topic Newer Topic >>

SSL + ActiveSync = Fail - 16.Oct.2011 5:41:09 AM

newbies13

Posts: 2
Joined: 16.Oct.2011
Status: offline

My SSL cert recently expired for our single backend server.

Purchased a new one, installed it, everything appeared ok. . . And then the people who sync their phones to outlook started to complain. Sure enough, people can't sync their phones any longer. They get "unable to finish creating the account" errors on their end.

On my end I am getting event id 3029 errors, which reference microsoft knowledge base 817379.

My question is, how did this suddenly start happening? The SSL cert we used before didn't cause any issue, even after it expired users could still sync once they accepted the expired cert. But now with the new cert in place it won't let anyone sync. This makes me very suspicious of the proposed fix above, since it was working before without it.

Thoughts?

*edit*
Forgot to mention... I "think" I may have installed the SSL cert in the wrong spot. I installed SSL on the default website on my exchange server, but I am thinking now that maybe I should have only installed it on the actual exchange virtual directory, or maybe OWA?

< Message edited by newbies13 -- 16.Oct.2011 5:49:03 AM >

Post #: 1

Featured Links*

RE: SSL + ActiveSync = Fail - 17.Oct.2011 10:12:41 AM

leederbyshire

Posts: 1346
Joined: 4.Jan.2006
Status: offline

You may have previously only had SSL required on the Exchange virtual directory. When you install the certificate, you can only install it for the whole site, but where you actually *require* SSL (there is a checkbox for this on each vdir in IIS) is what is important when it comes to the problem that KB817379 is meant to solve. You should have SSL required for the Exchange vdir. You can also have SSL required at the default web site level, but then it will probably propagate down to subdirectories, except where you tell it not to. But you must not have SSL required on the exchange-oma vdir that you created when you did the KB817379 procedure at some time in the past.

_____________________________

Lee.
___________________________________

Outlook Web Access for PDA and WAP:
www.leederbyshire.com
___________________________________

(in reply to newbies13)

Post #: 2