RE: SSL certicate issues - smartphones
- From: v-yanniw@xxxxxxxxxxxxxxxxxxxx ("Jenny wu [MSFT]")
- Date: Tue, 14 Nov 2006 07:44:59 GMT
Hi Robert,
Thanks for using the newsgroup.
From the description, I understand the issue is that you have problem tosetup activesync with Exchange server from the Nokia E62 Smartphone over
https. If I am off base, please don't hesitate to let me know.
Firstly, please let me know the exact OS installed in the smartphone. Is it
Windows mobile OS? If yes, I suggest that you strictly following the
following white paper to configure server activesync:
Step-by-Step Guide to Deploying Windows Mobile-based Devices with Microsoft
Exchange Server 2003 SP2
http://www.microsoft.com/technet/itsolutions/mobile/deploy/msfpdepguide.mspx
Default, ConnectComputer, Exadmin, Exchange, Exchange OMA, ExchWeb, MSWhat is the website host that I need to secure? Options I have:
Server ActiveSync, Monitoring, OMA?
To enable SSL for the exchange activesync, you just need enable SSL on the
Microsoft-Server-ActiveSync virtual directory. And also you should
configure the Microsoft-Server-ActiveSync virtual directory as follows:
1. Open IIS Manager
2. Open properties of Microsoft-Server-ActiveSync virtual directory, select
Directory Security tab.
3. Select Edit in Authentication and access control box. Make sure the
authentication setting as below:
Authentication Methods
Check Basic authentication
Uncheck Enable anonymous access
Uncheck Integrated Windows authentication
4. Select Edit in Secure Communication box, please check the box "Require
secure channel (SSL)" (if you would like to enable SSL)
however the certificate issue wants it to point to a public domain (ours isCurrently I have a self signed certificate (publishing.name.local)
remote.name.com, on which we have a A record). Can I simply delete the old
one and start a new certificate name based on our A record, without messing
up what I currently have?
To install the certificate on the exchange server side, you should do as
follows:
1. Click "Start", point to "Administrative Tools", and then click "Internet
Information Services (IIS) Manager".
2. Navigate to Default web site, and right click "Properties" to open its
properties page.
3. Click "Directory Security", and then click "Server Certificate".
4. On the "Welcome to the Web Certificate Wizard" page, click "Next".
5. On the "Modify the current certificate assignment" page, you will view
the comment like "A certificate is currently installed on this web site".
You can choose option "Renew the current certificate" or the option "Remove
the current certificate" according to your needs. if you would like to use
the new certificate, you can choose the option "Remove the current
certificate" to remove old one and then reinstall a new one.
After the certificate installed on the server side, you can refer to the
following article to install the certificate on the Windows Mobile-based
device:
915840 How to install root certificates on a Windows Mobile-based device
http://support.microsoft.com/default.aspx?scid=kb;EN-US;915840
If it is not Windows mobile based OS, you may need contact the device
vendor to consult how to install certificate on the Smartphone.
Please let me know if you have further question on the issue. I am happy to
be of assistance to you and look forward to your reply.
More information:
Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or
forms-based authentication is required for Exchange Server 2003
http://support.microsoft.com/?id=817379
Sincerely,
Jenny Wu, MCSE 2000/2003, MCSA 2000/2003, MCDBA, MCSD
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--------------------
Thread-Topic: SSL certicate issues - smartphonesSSL
thread-index: AccHMZoW56epjjc9RaOAjh2CMW3lXQ==
X-WBNR-Posting-Host: 70.17.255.99
From: =?Utf-8?B?Um9iZXJ0IChBQVQp?= <wavemaster@xxxxxxxxxxxxxx>
Subject: SSL certicate issues - smartphones
Date: Mon, 13 Nov 2006 06:40:02 -0800
Lines: 23
Message-ID: <EB6D4D4E-EE30-4C50-9F36-387D0FC373BD@xxxxxxxxxxxxx>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
Newsgroups: microsoft.public.exchange.connectivity
Path: TK2MSFTNGXA01.phx.gbl
Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.exchange.connectivity:109081
NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
X-Tomcat-NG: microsoft.public.exchange.connectivity
My 'state of the art' Nokia E62 Smartphones won't allow self signed SSL
certificates to be used. So now I am in the process of getting a public
certificate. The instructions request that I generate a CertificateSigning
Request (CSR) from my server.messing
Couple of questions:
What is the website host that I need to secure? Options I have: Default,
ConnectComputer, Exadmin, Exchange, Exchange OMA, ExchWeb, MS Server
ActiveSync, Monitoring, OMA?
Currently I have a self signed certificate (publishing.name.local) however
the certificate issue wants it to point to a public domain (ours is
remote.name.com, on which we have a A record). Can I simply delete the old
one and start a new certificate name based on our A record, without
up what I currently have?
Thanks in advance.
Robert
.
- Follow-Ups:
- RE: SSL certicate issues - smartphones
- From: Robert (AAT)
- RE: SSL certicate issues - smartphones
- Prev by Date: Realexamquestions.com has all new updates than Testking.co.uk
- Next by Date: RE: Win Mobile and SmartPhone access
- Previous by thread: Realexamquestions.com has all new updates than Testking.co.uk
- Next by thread: RE: SSL certicate issues - smartphones
- Index(es):
Relevant Pages
|
