RE: Unable to get WM5 to synch with Godaddy Cert

Tech-Archive recommends: Fix windows errors by optimizing your registry

Hello John,

Thank you for posting here. Let's also thank others for the input.

This is a 3rd-party CA related issue. I think Nordberg's reply is good, I
suggest you try the steps to see if it help.

Meanwhile, Cris and Russ are correct, we need to install the CA on the
mobile device. I want to show you the detail steps:

Perform the following steps to install the certificate on a mobile device:
1. Create a shared folder in which to store the certificate.
2. Export the certificate to the shared folder so the mobile devices can
access it.
3. Install the certificate on the Windows Mobile device.

Step 1: To create a shared folder in which to store the certificate file
1. On the server, open Windows Explorer.
2. Select the root drive or folder in which you want to create the new
shared folder.
3. Click File, point to New, and then click Folder.
4. Rename the new folder to something you will remember (for example,
CertShare).
5. Right-click the renamed folder, and then click Sharing and Security.
6. Click the Sharing tab, select Share this folder, either type a name for
the shared folder or accept the default, and then click OK.

Step 2: To export the certificate file to the shared folder so the mobile
devices can access it
1. While you are still logged on to the server, open Internet Explorer.
2. Click the Tools menu, and then click Internet Options. The Internet
Options dialog box appears.
3. Click the Content tab, and then click the Certificates button. The
Certificates dialog box appears.
4. Click the Trusted Root Certification Authorities tab.
5. Scroll through the list of certificates, and then select the certificate
that was generated by Windows SBS. You can usually identify the certificate
by recognizing the IP address or domain name in the Issued to or Issued by
fields.
6. Click Export. The Certificate Export Wizard starts.
7. On the Welcome page, click Next.
8. On the Export File Format page, select DER encoded binary X.509 (.CER),
and then click Next.
9. On the File to Export page, click Browse, and then open the shared
folder that you created in the previous procedure.
10. Type a file name to identify the certificate that you are exporting,
and then click Save. The file path appears on the File to Export page of
the Certificate Export Wizard.
11. Click Next.
12. Review the settings for accuracy, and then click Finish.
13. Click OK to acknowledge that you have successfully exported the
certificate.
14. Click Close to close the Certificate dialog box.
15. Click OK to close the Internet Options dialog box.

Step3: After you successfully export the certificate to the shared folder,
complete the following steps to install the certificate on a Windows Mobile
device.

To install the certificate on a Windows Mobile device
1. Cradle the mobile device to your client computer.
2. On the client computer, open Windows Explorer, and then open the shared
folder that you created on the server.
3. Copy the certificate file from the shared folder, and then paste it into
the Mobile Device node in Windows Explorer on the client computer. This
places the certificate in the My Documents folder on the Windows Mobile
device.
4. On the Windows Mobile device, open File Explorer (for Pocket PCs) or
File Manager (for Smartphones).
Note: To open File Explorer, click Start, and then click Programs. To open
File Manager, click Start, and then click More.
5. Find the certificate file you just copied to the My Documents folder on
the device, and then run the file either by tapping the file name or by
selecting the file and pressing ENTER.
6. Click Yes on the confirmation message box to install the certificate. If
you receive no error messages, the certificate is installed successfully.

If you receive an error message and the certificate is not installed, you
need to use an external utility to install the certificate on the device.
To install the certificate using the external utility, perform the
following steps:

a. On the client computer, download smartphoneaddcert.exe from the
Microsoft Web site (http://go.microsoft.com/fwlink/?LinkId=75113). If your
mobile operator has a signed version of smartphoneaddcert.exe available at
this Web site, download the signed version.

Note: Although Knowledge Base article 841060, which is at the given link,
refers only to Windows Mobile 2003 and Windows Mobile 2002, the utility
also works with Windows Mobile 5.0. In addition, even though the file is
named "smartphoneaddcert.exe," it also works with Pocket PCs.

b. Run smartphoneaddcert.exe, and then extract SpAddCert.exe.
c. Copy SpAddCert.exe to the device.
d. On the device, create a shared folder named Storage on the root of the
device, and copy the certificate file into the Storage folder.
e. On the device, run SpAddCert.exe. By default, the certificates in the
Storage folder of the device are listed.
f. To install the certificate, select the certificate that you just copied,
and then click OK to all the messages that appear.

If you are using a Smartphone and the self-signed certificate still is not
installed successfully, the device manufacturer or the mobile operator must
have disabled access to the root certificates. Check with the device
manufacturer or the mobile operator to see if they provide a separate
installation utility. Otherwise, you need to use a trusted third-party
certificate.

For detail info, please go to the following page:

Deploying Windows Mobile 5.0 with Windows Small Business Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyID=8be70d72-1e5a-4128-
a30c-dafeeb43544d&displaylang=en

How to install root certificates on a Windows Mobile-based device
http://support.microsoft.com/?id=915840

Hope these steps will give you some help.

Thanks and have a nice day!

Best regards,

Terence Liu(MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| From: "John" <nospam@xxxxxxxxxxx>
| Subject: Unable to get WM5 to synch with Godaddy Cert
| Date: Sat, 17 Nov 2007 13:06:48 -0800
| Lines: 66
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.3138
| X-RFC2646: Format=Flowed; Original
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3198
| Message-ID: <#ZZpG3VKIHA.1184@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: ip70-181-84-197.oc.oc.cox.net 70.181.84.197
| Path: TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTNGP04.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:76566
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
|
|
| Setup
|
|
|
| Brand new install of SBS 2003 R2 Standard. Installed Godaddy Turbo cert
| per Godaddy instructions. Installed Intermediate cert first. No issues.
|
|
|
| RWW and OWA work fine.
|
|
|
| Error on Moto Q WM5 is:
|
|
|
| Result:
|
|
|
| The security certificate on the server is invalid. Contact your Exchange
|
| Server administrator or ISP to install a valid certificate on the server.
|
| Support code: 0x80072f0d
|
|
|
| I had Godaddy reissue the cert just to make sure I did not make a
mistake.
| No change.
|
|
|
| I Googled for 0x80072f0d but did not see any resolutions.
|
|
|
| This si the 4th SBS server I have installed the same type of Cert from
| Godaddy and this is the first one to give me problems.
|
|
|
|
|
| TIA
|
|
|
|
|
| John
|
|
|
|
|
|
|
|
|
|
|
|
|

.

Quantcast