Re: Exchange 2003 ActiveSync, Sprint PPC-6700 and SSL: Giving me a

Unfortunately, it isn't my phone otherwise I would have had this up by now.
I am going to save a copy on his PDA and on his PC, so that it will be an
easy copy if a hard reset has to be done.

"Ginny Caughey [MVP]" wrote:

> Michael,
>
> Once you've got the right certificate, it should just work regardless of
> what it's called as far as I know. But if you find out differently, please
> do let us know. The only thing a bit strange is that WM 5.0 doesn't give you
> the same option that you have with IE to just install the unknown
> certificate, but once you've got it working it just continues to work. Do
> save the .cer file that works somewhere convenient though in case you need
> to reset your device and have to reinstall it.
>
> --
> Ginny Caughey
> ..NET Compact Framework MVP
>
>
> "Michael Smith" <MichaelSmith@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:36D0FF45-9B2D-4F19-AB31-3C2C36A5F117@xxxxxxxxxxxxxxxx
> > We are using SBS, and do not have a seperate backend server. I did not
> > set
> > this up and have inherited it. Both Exchange and the Exchange OMA virtual
> > directories are under Default websites (SBS created both folders by
> > default,
> > according to some MS KBs.) The certificate under these two folders is
> > the
> > publishing.domainname.com one. I am not sure why it doesn't match the
> > outside address... I did go to the outside Webmail and get prompted that
> > they don't match. After importing that cert, I didn't get the prompt...
> > so
> > IE was happy. But given how freakishly restrictive they made 5.0, who
> > knows
> > if it will work. Once I hear from the person and give it a try I will
> > update
> > you. I have another possibility linked from a technet blog, although the
> > KB
> > article says it works for 2002 and 2003 phones, the MS developer claims it
> > will work for 5.0... Allowing one to import a root cert.
> >
> > "Ginny Caughey [MVP]" wrote:
> >
> >> Michael,
> >>
> >> My certification path was the same www.mydomain.com that my website uses
> >> for
> >> some reason. For email I use www.mydomain.com/exchange and that's the
> >> address I used for Activesync and my phone works great with air sync. But
> >> try the certificate anyway - it won't hurt anything on the device if it
> >> doesn't help.
> >>
> >> And if it doesn't work, where is the website (in IIS) that you do use for
> >> Exchange mail? How to you connect to your remote mail from outside the
> >> office? When I look at IIS in Server Management, I see Exchange under the
> >> default website tree, but maybe yours is somewhere else?
> >>
> >> --
> >> Ginny Caughey
> >> ..NET Compact Framework MVP
> >>
> >>
> >> "Michael Smith" <MichaelSmith@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> >> news:A9D47183-AA3E-4EFB-8938-00F1E6568AD4@xxxxxxxxxxxxxxxx
> >> > Ok I found where you are talking about and the certificate listed was
> >> >
> >> > publishing.domainname.local
> >> >
> >> > This is obviously not the address that we connect to for mail. So my
> >> > question becomes... even though this cert is not the exact name, will
> >> > it
> >> > work
> >> > the same as if it was?
> >> >
> >> > Did you have the same problem Ginny with your phone? Did this
> >> > particular
> >> > cert work or did you have one that was the exact same?
> >> >
> >> > "Ginny Caughey [MVP]" wrote:
> >> >
> >> >> Michael,
> >> >>
> >> >> Thanks to Bart Martens, Mobile Devices MVP, for these directions which
> >> >> worked for me:
> >> >>
> >> >> On your SBS server you have to generate first a certificate. You have
> >> >> to
> >> >> go
> >> >> to IIS>Servername>WebSites>>Default Websites>Directory Security>Secure
> >> >> communicatio and than View Certificate>Details>copy to file.
> >> >>
> >> >> The *.cer file is now generated in your root folder on your C-drive (I
> >> >> guess)
> >> >>
> >> >> Copy the .cer file to your device.
> >> >>
> >> >> Once the file is on your device, find it using the device's File
> >> >> Explorer
> >> >> and click on it to launch it (which installs it).
> >> >>
> >> >>
> >> >> --
> >> >> Ginny Caughey
> >> >> ..NET Compact Framework MVP
> >> >>
> >> >>
> >> >> "Michael Smith" <MichaelSmith@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
> >> >> message
> >> >> news:B93B6DEC-A1BE-474E-AD19-E326846C5DEE@xxxxxxxxxxxxxxxx
> >> >> > How would one generate a root certificate?
> >> >> >
> >> >> > "Ginny Caughey [MVP]" wrote:
> >> >> >
> >> >> >> Michael,
> >> >> >>
> >> >> >> You can have your server generate a root certificate - you don't
> >> >> >> have
> >> >> >> to
> >> >> >> purchase one. But the best place to get specific answers to
> >> >> >> Exchange
> >> >> >> air
> >> >> >> sync questions are on the microsoft.public.pocketpc.activesync
> >> >> >> newsgroup.
> >> >> >> Here's a FAQ that might help too:
> >> >> >> http://www.microsoft.com/technet/prodtechnol/exchange/2003/actsyncfaq.mspx
> >> >> >>
> >> >> >> --
> >> >> >> Ginny Caughey
> >> >> >> ..NET Compact Framework MVP
> >> >> >>
> >> >> >>
> >> >> >> "Michael Smith" <MichaelSmith@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
> >> >> >> message
> >> >> >> news:550207E9-D594-4FB4-A9E2-5CC6D484B9C2@xxxxxxxxxxxxxxxx
> >> >> >> > Ok, I know this retreads a few posts, but I couldn't find
> >> >> >> > anything
> >> >> >> > to
> >> >> >> > solve
> >> >> >> > my problem.
> >> >> >> >
> >> >> >> > As with many others, I am having problems with the Sprint
> >> >> >> > PPC-6700
> >> >> >> > utilizing
> >> >> >> > Exchange ActiveSync over the Sprint Dialup connection on SBS
> >> >> >> > 2003.
> >> >> >> > Based
> >> >> >> > on
> >> >> >> > my research so far, it seems that the most likely offender is the
> >> >> >> > way
> >> >> >> > WM5
> >> >> >> > processes SSL certs. Whereas previous versions were a bit
> >> >> >> > liberal
> >> >> >> > in
> >> >> >> > what
> >> >> >> > they accepted, the current version apparently wants an exact SSL.
> >> >> >> >
> >> >> >> > Based on some postings on a few other boards, I tried to copy the
> >> >> >> > SSL
> >> >> >> > certificate onto the PDA. It was easy to do, however, the SSL
> >> >> >> > certificate
> >> >> >> > reflects the internal site name. Well this is a problem as the
> >> >> >> > phone
> >> >> >> > needs
> >> >> >> > to connect to it anywhere. When I sync with this cert, it tells
> >> >> >> > me
> >> >> >> > it
> >> >> >> > needs
> >> >> >> > a cert with the correct name... in this case the outside name.
> >> >> >> >
> >> >> >> > So my question is, other than paying for an SSL cert, something I
> >> >> >> > reject
> >> >> >> > on
> >> >> >> > principle in this situation, how can I use SSL when syncing with
> >> >> >> > Active
> >> >> >> > Sync
> >> >> >> > in the manner described above. Is there another certificate I
> >> >> >> > can
> >> >> >> > use
> >> >> >> > to
> >> >> >> > copy onto the PPC-6700 that will do the trick? Can I create one
> >> >> >> > using
> >> >> >> > SelfSSL that will work?
> >> >> >> >
> >> >> >> > PLEASE HELP!!! If you know a workaround, or which cert to use
> >> >> >> > please
> >> >> >> > let
> >> >> >> > me
> >> >> >> > know. Please be specific on the certs, as in where it is located
> >> >> >> > in
> >> >> >> > the
> >> >> >> > Certificates MMC. Any help is greatly appreciated.
> >> >> >> >
> >> >> >> > Thanks!
> >> >> >>
> >> >> >>
> >> >> >>
> >> >>
> >> >>
> >> >>
> >>
> >>
> >>
>
>
>
.

Relevant Pages

  • Re: Problems setting up SSL on Exchange 2003 Front End server
    ... No it doesn't look like there is anything under IIS Manager about CertSrv, ... It was installed in preperation for the Exchange FE server. ... My certificate knoweldge is fairly minimal. ...
    (microsoft.public.exchange.admin)
  • Re: win2003 & exchange 2003 mail problem
    ... Have a look in IIS Manager under the Default Exchange website, ... > I have a win 2003 enterprise edition server with one domain, ...
    (microsoft.public.exchange.admin)
  • Disable or Control certificate auto-import?
    ... I'm working with an IIS 6.0 website running on Windows 2003 Server. ... It's normally used as an internal website, but we now have a small group ... that I could export the certificate, and then get both internal and external ...
    (microsoft.public.inetserver.iis.security)
  • Re: Problems setting up SSL on Exchange 2003 Front End server
    ... No it doesn't look like there is anything under IIS Manager about CertSrv, ... It was installed in preperation for the Exchange ... supposed to be going to a webpage on my CA server? ... My certificate knoweldge is fairly minimal. ...
    (microsoft.public.exchange.admin)
  • Re: Is Get-ExchangeCertificate supposed to show newly imported cer
    ... IIS to make the request and then upload the request to the cert provider then ... Exchange 2007 and it the cert works great for autodiscovery and OWA. ... Go to certificate services web page and submit a cerificate ...
    (microsoft.public.exchange.admin)