Re: Direct Push failed.

The phone has to trust the Root server that issued the certificate to your
server. In some cases you will have to install the trusted root certificate.


"Mark Arnold [MVP]" <mark@xxxxxxxx> wrote in message
news:u344k2tvd81joeblo4i59tmatoe17jhkrs@xxxxxxxxxx
On Thu, 26 Oct 2006 20:09:01 -0700, Kelvin
<Kelvin@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

Hi,

I am having an exchange server 2003 with service pack 2 and ISA 2000 in my
network. I would like to configure my smartphone with windows mobile 5 to
be
able to use the direct push feature. My boss is currently using a dopod
577w
smartphone with windows mobile 5 as OS which was bought 2-3 months back. I
know that ISA 2000 and 2004 the ssl publishing is a little bit different.
Correct me if i am wrong but i have notice that the previous person who
configured the ISA 2000 is using one cert for all. If i disable the cert
for
microsoft-server-activesync, will i also disable the cert for OWA?

I have tried configurating the ISA 2000 to be able to publish cert for the
microsoft-server-acticesync. When i run the active sync in the phone, when
synchronizing there was a prompt while connecting to the exchange server
which states that the cert is invalid. Do i need to install cert into the
phone? i have tried using the spaddcert program in the phone hoping that i
can install the cert. After i have stored the cert in the mem card, when i
lauch the spaddcert, there was an error message prompt which states, there
is
no cert found. There is one thing that i have tested also, which is
disabling
the ssl listner for microsoft-server-activesync, and disabling ssl in the
IIS
for microsoft-server-activesync too. I tried synchronizing it, and an
error
message prompted with the messge, could not authenticate users, no
permission
to do so.

Does that means that the phone is not compatible with direct push or my
ISA
has problems publishing out the microsoft-server-activesync?? Is there a
way
where i can check if my isa publishing is working properly? Really do hope
that there is a work around for this problem for this problem has been
pending for quite sometime in my company.

Thank you in advance.

You've typed a lot but haven't said much yet. Things you need to do in
order to narrow it down is to dispense with both SSL and the ISA, then
get it working and add components in one at a time.
Always the best diagnostic is to get it all down to basics and take it
from there.



.

Relevant Pages

  • Re: SSL Publishing issue (error 500 Target principal name is incorrect - 2146893022)
    ... servers I have assigned a cert with their internal FQDN and changed the ISA ... > The ISA server uses internal DNS servers to name resolution. ... > exported as PFX and imported onto both web servers and the ISA server. ...
    (microsoft.public.isa.publishing)
  • Re: OWA Form Resetting
    ... It seems that I had FBA turned on on both the ISA & Exchange server. ... I was issued a new SSL certificate from InstantSSL.com. ... After installing the new cert and REBOOTING, ...
    (microsoft.public.isa)
  • Re: OWA problem after renewal of SSL cert
    ... Yes...installed cert into the Exchange server's cert store...I exported ... w/private key and installed in ISA server's cert store as well... ... server or on the Exchange server? ...
    (microsoft.public.exchange.admin)
  • Re: CEICW after loading third party certificate
    ... the ability to verify with an SSL certificate should work. ... way that ISA 2004 is setup. ... Choose a name for the server and get a cert with that name. ...
    (microsoft.public.windows.server.sbs)
  • Re: Direct Push failed.
    ... he security certificatee on the server is invalid. ... If have this error which means my ISA is working correctly am i right? ... The way is to export out the root cert from the ... In some cases you will have to install the trusted root certificate. ...
    (microsoft.public.exchange.setup)