Hi,
Is it possible to install a digital client certificate on an XDA II ?, I would like to be able to configure my webserver (IIS/weblogic) to ask the user to supply a certificate that the server (java servlet) could validate the fingerprint contained in the certificate.
Thanks for reading,
Gerardo
Related
Hi,
I'm having a mare trying to get more info anywhere on the web.
I have an Intranet based web app running on latest version of IIS with .NET & SQL Server 2000 (on different boxes) using Integrated Windows Authentication (the IIS is trusted to the SQL Server box)
It runs fine on IE v6 provided the Enable Integrated Windows Authentication checkbox is ticked.
However on the XDA using Pocket IE (ROM 3.17.03 ENG) it gives Login failed for user 'NT AUTHORITY \ANONYMOUS LOGON' which usually means no Integrated Windows Authentication.
I can't find any docos on whether Integrated Windows Authentication is supported in Pocket PC 2002 - has anyone else come accross this or got any pointers they could help me with?
Thanks
As far as I know, Integrated Windows Authentication means that IIS will use the user's Windows login to authenticate the user. This is normally using your DomainName\Username for windows. When you are on your xda, you are not authenticated by Windows as the xda is not on the domain and you are logging into "Windows" using the same DomainName\Username on your xda. Try changing the IIS setting to use simple authentication so that users are prompted for a username and password to access the website.
I hope this helps
Thanks Illwil.
I can't allow simple authentication on the IIS as it will then screw the security for PC users (ie 99%)
I'm already logging onto the Domain via a dial up connection so it should all be OK
I think its something to do with Pocket IE declaring itself as IE version 4 to the Web Server rather than as Pocket IE
IE v4 doesn't support NTLM authentication (ie Windows Integrated Authentication) whereas I think Pocket IE should.
Also I've got 2002 which means that ByPass proxy server for local sites is automatic so its not that.
Still scrabbling - any help still gratefully received!
An answer after 3 months!
Bit of a dull one I know but just in case anyone was interested (!) I've used some mobile web forms instead of normal web forms - they only support ObjectList as opposed to DataGrid but seem to allow the windows integrated seciruty to work.
Thanks to anyone that gave this some thought.
John
I'm trying to synchronizise with the exchange server at my work.
But for some reason it doesn't work. I've filled in everything in the right way (address, domein etc.) the fault code is 80070002.
Can somebody help me with this?
same here at home (no firewalls)
Works fine for me. Exchange server needs just some configuration.
Priit said:
Works fine for me. Exchange server needs just some configuration.
Click to expand...
Click to collapse
What kind of configuration?
First, your Outlook Web Access (yes, OWA!) can not use forms based authentication nor SSL encryption. If you don want to use these (you most probably want to use SSL) then you need to create another virtual OWA directory without SSL and force ActiveSync (and Outlook Mobile Access) to use it.
More information at
http://support.microsoft.com/default.aspx?scid=kb;en-us;817379
Check if you can access OMA (Outlook Mobile Access) using http://yourserver/oma and check also Exchange server logs.
I thought this wasn't supported on WM5 until AKU 2.0 comes out (hopefully soon)
So ur saving I have to turn Forms authentication off and ssl off on OWA for my mobile device to work ?
sounds a bit of a poor show.
I need Forms based auth ideally as it goes through firewalls where as the other type does not.
Ours works here and we use SSL.
For the server name make sure you are using the fully qualified domain name that you use from the internet. IE: mail.domain.com. You don't have to put the /exchange on the end.
username, password and domain are all the same as what you use to log in.
OH, and the certificate you use on the server should be for mail.domain.com and not servername.
Hope this helps.
@spartanrob: DirectPush needs AKU2.0. You have always had possibility to sync manually. Or if your operator provides e-mail to SMS then you have the same functionality already today.
@Karzi:
No, I'm not saying you have to turn off SSL and/or forms-based auth., but you need to create another virtual OWA directory, which does not require SSL and forms-based authentication. You can limit access to this directory to localhost only so there will be no security concerns.
@MrHappy:
Your server is probably set up in that way.
Please go read this it helped me with the same error
http://hardware.mcse.ms/archive35-2005-11-248477.html
Basicly says that you have to download the cert from https://server.domain.com/certsrv then install the certificate on your desktop and your handheld then activesync will work....
I was hesitant but it worked for me.... it changed the path in the cert from my ip to my server.domain.com
Does anyone know:
Is it possible to do Group Authentication with the built-in VPN client? My work network uses a Cisco VPN and I've managed to extract out of our IT department the Group name and Password but I can't figure out how to enter this onto the Exec - it offers me "A certificate on this device" or "A pre-shared key" and entering the password into the pre-shared key doesn't seem to work. Our IT department tells me that the Exec is unsupported and won't give me any help so anyone out there know how to do this?
If it's not possible, anyone recommend a good VPN client for connecting to a Cisco VPN?
Thanks
G
Anybody?
My work uses group authentication also. Does anyone know a good vpn client that will work with group authentication?
There is a Cisco ICA/Xen/client for ARM PDA here: http://www.citrix.com/English/ss/downloads/details.asp?downloadId=3607&productId=186#top
Is this what you are looking for?
interesting..
I didn't know there was a citrix client for WM. My work also uses citrix. The only problem is in order to connect with the citrix client I must have a VPN tunnel first . My work uses Cisco VPN Group Authentication. I have not yet found a VPN client for WM that will allow Cisco group authentication. If anyone knows of one, PLEASE let me know.
Thanks wovens for the citrix client. That will be neat to try if I can ever get a VPN tunnel setup.
FOUND IT!
I finally found a VPN client that will work with Cisco group authentication. It is Bluefire Mobile Security VPN. One thing I found is that after you connect you must press the END key to get out of the client because pressing the x will kill the client. Works Great!
The only problem is the company went out of business (http://www.bluefiresecurity.com). I was able to find the .cab, but not sure if it is against forum rules to post it... Can a mod please inform me, thx.
Does your company use Cisco SSL Vpn by chance? It's the way Cisco is leaning as is with less support for the ipsec since they can make more money off of licensing.
Anyhow if your company does use SSL VPN, Cisco's anyconnect client supports Windows mobile. I have been using it and it works good for what I use it for (primarily SSH, but for kicks I tried remote desktop and it worked good too).
McGeezy said:
I finally found a VPN client that will work with Cisco group authentication. It is Bluefire Mobile Security VPN. One thing I found is that after you connect you must press the END key to get out of the client because pressing the x will kill the client. Works Great!
The only problem is the company went out of business (http://www.bluefiresecurity.com). I was able to find the .cab, but not sure if it is against forum rules to post it... Can a mod please inform me, thx.
Click to expand...
Click to collapse
this website of "bluefiresecurity.com can not the opened. would u pls post it here with the cab file? thanks a lot.
BlueFire VPN Client
http://rapidshare.com/files/8640811....5.706.XScale.WM5.WM6.Regged.DIRFIX-DVTPDA.ra
There are a lot of files, rar files within zip files, but the cab for the vpn client is there, name: MobileVPN.27.5.706.ARM.PPC.Client.cab
Hi, i'm developing a simple app that is an android client that communicates with a server on a ssl socket. Everything works fine, but when i add to the ServerSocket running on my server pc the option setNeedClientAuth the client can't authenticate...in particular i get this exception on the server...
Code:
SSLHandshakeException: null cert chain
The same code executed in a normal app in Java on a pc works fine!
Sorry but because i'm a new user i can't post the code because it appears as a link.
It's two days that i break my head on this thing...i hope that someone could help me...Thank you!
Not sure if you still want an answer, but Android does not support self-signed certificate.
You need to implement fake verifier that override the verify method to make it accept any certificate.
I am still having similar problem because I am getting 403 Forbidden from server without knowing why and I cannot change anything on server side
Hey all,
So I just set up a VPN server on my OPNsense firewall. I want to connect to it using my Android 9 phone with Lineage 16.0-20190725 using IPSec Xauth RSA.
Importing the CA certificate works great, but when I import the VPN client certificate it doesn't work the way it should. I don't get an error or anything, but the certificate is not in the list of possible "IPsec user certificate" in the VPN settings. It is, however, in the list of "IPsec server certificate" in the VPN settings. I double checked the OPNsense settings, and I can see that the certificate is clearly marked as a client certificate, not a server certificate. This suggests to me that android somehow does not realize that this certificate is a client/user certificate instead of a server certificate.
What can I do?
- Jaapyse