I installed our company root CA on my windows mobile device. It said it was installed successfully. I set the username and password and domain. I selected SSL encryption. Set the server to the required IP address. I tried to sync my email and I get the following error:
"Result:
The security certificate on the server is not valid. Contact you Exchange Server administrator or ISP to install a valid certificate on the server" This is also referred to as support code "0x80072F0D"
I looked at the installed cert on my device and have the following details:
CERTIFICATE DETAILS (ROOT)
Issued to: **SNIP** (THIS IS AN IP ADDRESS)
Issued by: ** SNIP **
Valid from: 5/26/06 to 5/25/08
Intended Purpose(s): Server Authentication
Do you know what I am doing wrong?
Thank you very much in advance.
Any help
This problem is killing me! Is it possible that Softbank is blocking port 443? I seem to have read that somewhere last year. I have had this phone for almost 7 months and I still haven't got it to do what I purchased it for. aaah the ranting.. that felt good
Related
Hello Everyone
I have configured my server & device (SPV M3100 WM2005) to allow direct push but when I sync I get a error which states my security certificate is invalid?
I created the certificate via StartCom Free SSL CA which have sucessfully installed on my server. (OWA & OMA all working correcly using SSL)
However when I try direct push I am unable to sync receiving the above security error.
I have tried exporting the cert to my device..no luck
I have tried using the smartphoneaddcert..no luck
Is this a problem with my orange operator not allowing SSL cert to be installed?? Is there away around this? Eg registry hack etc? If yes, how?
thanks in advance
Jonathan
Check the date and time on your device... it must be correct for the cert to be valid...
Also search for adding root cert via xml in google.
You could just disable security entirely...
You have to make sure the CA issuing the SSL cert. to use is in the trusted root CA list. If that's unsure, you can add the root CA cert again. The free SSL cert company should have the cert being able to download. However, if it's internal CA via Windows, that pretty easy: just use PIE to browse to the CA cert page and click "download root cert". Good luck man.
And if you can't get the certificate to download, you can always put the root certificate on your PDA (by AS) and execute it, then it'll also be registered propperly. After that, it should defenitly work.
i too use StartCom Free SSL. works great!
TseLawrence said:
You have to make sure the CA issuing the SSL cert. to use is in the trusted root CA list. If that's unsure, you can add the root CA cert again. The free SSL cert company should have the cert being able to download. However, if it's internal CA via Windows, that pretty easy: just use PIE to browse to the CA cert page and click "download root cert". Good luck man.
Click to expand...
Click to collapse
I downloaded the cert from the CA page however my device does not recognise the file. It saves as aphp file?
Heimiko said:
And if you can't get the certificate to download, you can always put the root certificate on your PDA (by AS) and execute it, then it'll also be registered propperly. After that, it should defenitly work.
i too use StartCom Free SSL. works great!
Click to expand...
Click to collapse
I emailed the cert which was installed on my server, then sync'd it to my device without luck? Do i need to sync while actually attached to my server. I am currently doing all this remotely as I do not have physical access to the server as of yet?
JOY JOY Worked it out!!
I exported my Cert as a "PKCS #7 Certificate"
When I opened the cert I had all three certs in the chain.
I then sync'd all three cert onto my device and installed in order.
My device is now syn'cd via direct push!
Yippeeee
Hi
I am having a WM6 on HTC 3400i. When I configure Activesync I get this error message 0x80072F17.
Also, doing the connection configuration, I am not able to provide the domain name (I have provided the server name). I understand the domain is provided automatically by the ISP.
Please help and provide a solution.
Thanks.
Pmsmob
Hello Everyone,
Am unable to sync exchange with HD2 (energy rom) i recieve an err with the following code 0x85010001. However, nothing wrong with my corporate exchange server if used on other devices.
Please urgent help is required
Thanks in adv
You should check the following as being the most common reason not able to sync with exchange:
- date/time on your phone
- is the correct cert loaded on your phone
- can you connect to OWA using web browser
Re: Exchange Sync Err
Hi,
date n time are correct as per the place i live in
how do i check correct cert? and can u please let me know where to install it from?
yes i can access OWA using fone's browser
thnx, wud appreciate your help mate
You need to have a valid SSL certificate from your mail server. But this is only the case when your company doesn't have a purchased SSL certificate but a self generated one. So if this is the case your company admin can provide you with the certificate.
Stan has it...
I've read and searched and Googled but I can't find an answer
I recently flashed my first Android NAND ROM: "CMYLXGOroms.Stock.Desire.HD.v1.1.4.1n.NAND.RMNET.NO-SQUASH-RAFPIGNA.1.7OC_CWM.zip".
Everything went smoothly and it all looks good except I cannot complete the Exchange ActiveSync account.
DETAILS:
1. I'm hosting my own Exchange server -2003
2. My SSL cert is self-generated from my own MS Cert Authority
3. I can view my OWA account via the native web browser w/o issue
4. My settings "appear" to be fine as I can reach the very end of the setup wizard. (If I change any of the ActiveSync account settings to an invalid option - say add an extra character to the server address - I receive an error when I click on "Next")
ISSUE:
1. On the last step of the setup wizard, when I click on "Finish setup" I receive the error:
"Failed to created the account. Please try again later."
QUESTIONS/THOUGHTS:
1. How to you import a SSL Cert in Android?
2. I've read about "Accept All SSL Certificates" dialog box you can check but I don't see one during the setup wizard - only the "This server requires an encrypted SSL connection". Is this a legacy setting or something that is hidden by HTC's SenseHD or? Is there anyway to access this option?
3. I've tried both checking and un-checking the "This server requires an encrypted SSL connection" - both give me the same failed result.
OTHER TROUBLESHOOTING:
1. I know this works as I've been successfully using Activesync with WinMo 6.1 & 6.5 on my wife's TouchPro2 and this works fine w/ the stock WinMo 6.5. So it's not a bad config on the back-end.
2. I tried installing Touchdown to see if that would work and I cannot get that to work either.
I'm getting really frustrated - any help would be GREATLY appreciated!
thnx
UPDATE:
I spent all day:
1. Creating a new DNS A record to point directly to my OWA server
2. Upgrading my SSL cert to an offical third-part cert from startssl.com (great service for free BTW)
3. Figuring out how to export/import/modify that cert to be installed on Android
I now have a nice DNS record that points to my OWA server (vs. the old DynDNS pointer) and I appreciate the SSL cert for free find, but I'm still ready to loose it over the lack of ActiveSync support.
Anybody have any idea if this is potentially a ROM issue and I should try another? Or is this a Froyo issue and I should try Gingerbread?
TIA
Guys, how to remove the expired root certificate (Secure Server Certification Authority of Verisign) from the store? I cannot connect to my mail server because the ActiveSync says: "The security certificate on the server is not valid. Contact your Exchange Server administrator...blablabla". The cert on the Exchange is valid (doublechecked), but the device's root cert expired in January this year. I installed the newest Verisign certs but the old root cert is still there.
If I right click on the cert (Settings\System\Certificates\Root), the DELETE option is grayed out. I have read somewhere that MANAGER role would be needed for this. My phone is no longer enrolled in any domain however the certs were installed earlier when the device was member of the domain of the company I used to work.
What to do now?