Probably not a solution, but I got some info today at work about this. At home right now and unfortunately I can access the info from the Exchange server, weird hehe.
I'll try to post it when I have it available again.
Hi
Looks like the ISA is breaking it and the EAS is working properly. Which version of ISA are you using, 2004? Server Publish your Exchange and create a separate listener for the wildcard cert and test.
OK, here's the full instructions. I am not great at writing these things so bear with me:
On the server go to Start, Run and type mmc, select Add/Remove Snap-in and then click Add.
Select Certificates, Computer account, Close and OK.
Expand Certificates, then Personal, then Certificates.
Now find the certificate you use on the website and right click and select Export from the All Tasks menu.
Do not export the private key, pick DER encoded binary X.509 (.cer) and select a save location.
Now connect the PDA to the cradle and click Explore. When the window appears, cut and paste the certificate you exported to the PDA (I store it on an SD card).
Go back to the PDA and use File Explorer, select the folder you stored the certificate in and double click it. You get a warning message, say Yes or OK, and soft reset the PDA.
With the PDA in the cradle, delete the server partnership (I had to clean reset the PDA, don't know if it's required though but it did work for me), add in the components that you want sync'd one at a time, and test each one in case something is causing an issue. I had also removed and re-added my mailbox, but I don't think that helped.
Hope this helps.
< Message edited by donaldsmarshall -- 5.Nov.2005 2:45:04 AM >
Hey, thanks for the quick reply. I actually need to get this working on an HTC 6700 by Sprint. I understand that you are using a different device, although I don't think that would be too much of an issue since both use WM 5.0.
Yeah, we use HP iPAQ 2750's with the WM5 upgrade and this worked for our users. Saying that, I don't know if any other configs were required like virtual directories, SMTP proxy for email checking and the other tweaks we have enabled, but hopefully this with SP2 should work for other people. Let me know how you get on.
As for 100% it appears to be working :)
Tasks, Contacts, Calendar and Email all arrive other than 2 attachments, but I can't ID what 2 and they don't bother me :)
None of this works for me. WM50 on a Verizon XV6700.
Added registry key values of whatever they were supposed to be: Secure=0 and ID\Secure=0 none of that worked. Imported (company wild card) certificate from server and successfully installed that. No dice.
Keep getting stupid 80072f17 error.
Thanks for the suggestions anyway. Any other ideas?
< Message edited by JackBower -- 2.Feb.2006 5:06:21 PM >
I downloaded and used Resco to add the key secure=0.
No longer getting the SSL cert error, but I continuously get prompted to retype my password. I know for a fact that my password is correct and it works for accessing OWA and OMA just not ActiveSync.
I'm having the same exact trouble. I fixed the SSL cert error with the registry setting, but I get continually prompted for my password. I've double-checked the password...it's correct. Any ideas?
I am having the same issue because of the wildcard cert. I have a Treo 700w. We use a wildcard certificate on our ISA 2004 SP1 server, which is in front of our Exchange 2003 SP2 FE server (and E2K3 SP2 BE server).
I have tried a couple of things which did not solve the problem. 1) I installed the certificate on the Treo. 2) I modified the registry to disable the SSL checking on the Treo. When I did that, I was continually prompted for my password (like Obiwein and Zipper).
3) As a test, I changed my ISA server to use a self-signed certificate (and then I installed that certificate on the Treo). That then changed my error to 0x85010004. So I think it gets past the SSL issue but I can't figure this new error out. Maybe this is related to the password prompt issue from 2. (Anyone know of the resolution for this error?)
I would rather not have to buy another certificate for my ISA server, but if I have to then I will. Does anyone have a current resolution to this that will allow us to use our existing wildcard certificate?
Ken
< Message edited by kenisswell -- 19.Apr.2006 9:05:19 PM >
"Some of our customers have problems securely connecting to their company mail server, because their mobile devices do not support wildcard name matching," said Christopher Skarda, DigiCert's Director of Security Services. "We found that many of these mobile devices do support Subject Alternative Names. By putting the wildcard (e.g. '*.digicert.com') and the mail server name (e.g. 'mail.digicert.com') into the same certificate, we found a way to enable devices to accept the specific host name. In the past, the only option was to purchase a separate SSL Certificate."
Just in case this helps anyone - we have both WM5 and WM6 devices. We don't have a wildcard cert, but we have split DNS, so we have added a DNS alias to our Exchange server so that the URL of our ISA server resolves to the Exchange server on the internal network. This obviously led to cert name mismatch issues. On WM5 the registry entry described earlier in this thread fixed this (HKCU/Software/Microsoft/ActiveSync/Partnerships/*/secure = 0) - ensuring that the appropriate partnership was selected (look for the URL of your ISA server). I have seen this documented as both Secure and secure - I can only say that the all lower case spelling works for us. However, WM6 doesn't support this, so I added a Subject Alternative Name cert (from our internal Windows CA) - need to take care to ensure that the certificate name is the same as the original, otherwise ISA complains and blocks external connections, but this works a treat for both WM5 & WM6.
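The Subject Alternative Name approach described in the DigiCert quote and in the last post, as an added example that is not part of the original thread: it checks which published host names a certificate's name list covers for a wildcard-aware client and for a client that only accepts exact names. The "exact-match-only" client is a model of the device behaviour described above, and the example.com names are constructed.

```python
# Added example: models hostname checks only; certificate names below are constructed.

def _labels(name):
    return name.rstrip(".").lower().split(".")

def matches(pattern, host, allow_wildcard=True):
    """Return True if one certificate name covers the host name."""
    p, h = _labels(pattern), _labels(host)
    if len(p) != len(h):
        return False          # a wildcard never spans more than one label
    if p[0] == "*":
        if not allow_wildcard or len(p) < 3:
            return False      # client ignores wildcards, or pattern too broad (*.com)
        return p[1:] == h[1:]
    return p == h

def names_to_check(common_name, san_dns):
    """When dNSName SAN entries exist they are used and the CN is ignored."""
    return list(san_dns) if san_dns else [common_name]

def client_accepts(common_name, san_dns, host, allow_wildcard):
    return any(matches(n, host, allow_wildcard)
               for n in names_to_check(common_name, san_dns))

def audit(common_name, san_dns, hosts):
    """Map each host name to (wildcard-aware client, exact-match-only client)."""
    return {h: (client_accepts(common_name, san_dns, h, True),
                client_accepts(common_name, san_dns, h, False))
            for h in hosts}

# Constructed certificates for example.com (not from the thread).
WILDCARD_ONLY = ("*.example.com", [])
WILDCARD_PLUS_SAN = ("*.example.com", ["*.example.com", "mail.example.com"])

if __name__ == "__main__":
    hosts = ["mail.example.com", "owa.example.com", "a.b.example.com"]
    for label, (cn, san) in (("wildcard only", WILDCARD_ONLY),
                             ("wildcard + SAN", WILDCARD_PLUS_SAN)):
        print(label)
        for host, (aware, exact_only) in audit(cn, san, hosts).items():
            print(f"  {host:20} wildcard-aware={aware} exact-only={exact_only}")
```

Any host name that shows `exact-only=False` would need its own SAN entry before an exact-match-only device accepts the certificate for it.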