Difficulties to change certificate

Difficulties to change certificate (Full Version)

All Forums >> [Microsoft Exchange 2007] >> Secure Messaging

Message

michauko -> Difficulties to change certificate (20.May2008 11:41:03 AM)
Hello, I had some warnings about my SSL certificate (generated at installation time), as my local hostname is something like "exchange.myAD.mycorp.net" and my public hostname is like "exchange.mycorp.com". As the names differ, outlook warns at startup. Except that, everything is working (OWA, exchange sync in OL 2003 and 2007). I wanted to fix this because I have a mobile phone running Win Mobile 5 that doesn't like the name problem and I cannot force it to accept the certificate. So I had to fix that name problem and give my certificate several names, I guess, including autodiscover.mycorp.com. I followed these documentations to generate a new certificate: http://www.equisys.com/technotes/ztn2020.htm http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/a2f35fcd-d3b6-4f39-ba93-041a86f7e17f.mspx?mfr=true ... that I signed by myself with my root cert (not verisign-like stuff). Now, the OWA is still working, but Outlook is not : I mean : no pop-up anymore, but when I sync, the "Microsoft Exchange" task finished with code 0x8004011D. If I switch back the certificate, everything is working fine again. Have I missed something when changing the certificate ? Any help would be appreciated :) Thank you, JM.

michauko -> RE: Difficulties to change certificate (21.May2008 3:01:24 AM)
Ok, after a reboot, things are better :) My phone still tells me the certificate "isn't valid", maybe because I signed it with my own root certificate, not a verisign-or-something... I'll keep you informed, that might help some people, one day

John Weber -> RE: Difficulties to change certificate (21.May2008 12:45:06 PM)
import your root cert from your CA onto your mobile device.

michauko -> RE: Difficulties to change certificate (28.May2008 4:20:30 AM)
Hello, Thank you for your answer. I understood my windows mobile 5 wants a PKCS12 certificate (so I converted my CRT certificate), and I had to use a 3rd-party tool to import it as there's no import functionnality on Win Mob 5 (only as of 6+) I used it : http://www.jacco2.dds.nl/networking/p12imprt.html, and I managed to import my root certificate. The only problem I still have is that the phone recognize my root certificate as a personnal certificate. That must be why I still have a 0x8* error at sync time... Any idea ? I know this question is 50% exchange / 50% mobile phone... :/

MIDOOooo -> RE: Difficulties to change certificate (6.Jul.2008 2:01:42 AM)
my advice is to generate a new certificate and make a split-dns infrastructure to use only one name from external and internal. that will solve all of ur problems.

Page: [1]