Re: WM5 Activesync SSL issues

Tech-Archive recommends: Fix windows errors by optimizing your registry

Hi,
Since you are prompted each time you browse the web site the cerificate was
not installed or it cannot recognise the format.

The WM5 devices can only import a base64 format certificate.

Also other users have had to contact the cert issuer to replace an
incompatible certificate that is supported by WM5.


--
Chris De Herrera
http://www.pocketpcfaq.com
http://www.tabletpctalk.com
http://www.pocketpctalk.com
http://www.mobilitytalk.com

ActiveSync 4.x Troubleshooting Guide -
http://www.pocketpcfaq.com/faqs/activesync/tshoot-as4x.htm

"Stu" <stuart.graham@xxxxxxxxx> wrote in message
news:1137689493.168528.252140@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Im having some problems getting my WM5 mobile to sync up to my Exchange
> server via SSL
>
> I have an Imate SP5 with WM5 an also an E2k3 SP2 server.
>
> I can get my Mobile outlook to sync fine without SSL so thats rules out
> any activesync issues.
>
> When I try to sync I get the following support code error. 0x80072F0FD
>
> Ive successfully installed my certificate by exporting the .cer file
> and importing it, ive also used the imate tool to install certs,
> furthermore I can see the certificate installed in the root of my
> certificate store. Issued to mail.my-domain.com Issued By: Equifax
> Secure Global.
>
> Ive also changed HKLM\Security\Policies\Policies\00001017 from 128 to
> 144. But I find this resets itself on a reboot.
>
> Now the interesting bit, when I try to get to OMA on
> http://mail.my-domain.com/oma I get the prompt, this certificate is
> incorrect, invalid etc, the usual warning. I do not receive this in XP
> IE6 or Firefox so again ive ruled out a certificate issue.
>
> One thing I did notice however....when you accept this warning you get
> to the login screen where interestingly it says
>
> Site : mail.xxxxxx-
> Realm: mail.xxxxxx-xxxx (runs off the screen)
>
> Im wondering if there is a bug in Mobile IE or the underlying HTTP
> drivers which cuts short the domain name and is causing this mismatch
> in Certificate Issued to: and Site: and causing the prompt and
> therefore causing the error message with Activesync which cannot handle
> certificate prompts??
>
> Can someone else test this theory out to see if they get similar
>
> Can someone from MSFT comment on their thoughts on this. I am willing
> try suggestions, tools, patches etc.
>


.

Relevant Pages

  • Re: WinUsb and WHQL signing
    ... prompt when staging the driver to the system on Vista and Win 7. ... Though that would be a 1-time prompt that users would not see when plugging ... It is okay that the user has to accept our certificate. ... would break our unattended install. ...
    (microsoft.public.development.device.drivers)
  • RE: Still having trouble connecting to Exch over internet.
    ... configure Outlook for use over the Internet - did you go through that ... The page should prompt you for credentials and when you login you should ... If you get prompted for a certificate, then RPC over HTTP will fail. ... is not trusted then click view certificate and install it. ...
    (microsoft.public.windows.server.sbs)
  • Re: OWA and SSL Problems
    ... Install a copy of the signing CA's certificate in the Trusted Root Store. ... It's working, but I get the initial yes/no prompt for the certificate, then I log in, then I get the certificate prompt literally about 30 times. ...
    (microsoft.public.exchange.clients)
  • Re: WiFi Access to a Unverfied Certificate
    ... The way to do that is to install the certificate in your device. ... Certchk.exe doesn't work in WM5 since it is a big security breach. ... The registry hack for connecting oa self-signed exchange ...
    (microsoft.public.pocketpc)
  • Re: Windows Update repeats
    ... You cannot install some updates or programs ... to a Windows component, install a service pack for Windows or for a Windows ... The Microsoft digital signature affirms that software has been tested with ... Publishers certificate store. ...
    (microsoft.public.windowsupdate)