Poutlook email and client side certificate - Networking

Hi,
I've an email account which I can access only with a client side cert. With a desktop application like Thunderbird, it is no problem. I just import the .p12 file, go to account settings->security and select the imported certs. Works perfectly.
BUT..
on Windows Mobile, I've imported this .p12 file just by clicking on it, and I can see it in settings->system->certificates, but I don't know how to tell poutlook to use this cert.
Is there a way to tell this to poutlook at all? Or if not, is there another email client that can handle client side cert?
thx.

Hmm.. where should I write this to get an answer?

Here is the solution:
http://forum.xda-developers.com/showpost.php?p=5750590&postcount=5

Related

PUSH MAIL ISSUES

All need some help. I'm trying to utilize the Push Mail technology. I have set up to sync with an exchange server correctly, however within our company we use certificates to authenticate. So I exported my certificate and imported it into my 8125. When I go to look at my certs in my 8125 I see that it imported successfully. Now when I try to sync it asks for the password and it comes back with an error code of 0x85030028 (cannot obtain a valid cert). Now if I use my PIE and go to the OWA which utilizes the cert as well it sees it and authenticates just fine. For some reason activesync isn't seeing it. Any ideas how to fix?
Geno
From what I know, you can't use certificates with Push email. You have to set up a new virtual site on the server running OWA, call it Exchange-PPC or something, and have it set for Integrated Authentication, then you would configure your device to hit the new site like http://www.site.com/exchange/username or something like that.
There's a little more than just setting up the site, some registry changes; check Microsoft's site for the error number, you'll find a KB document explaining how to set up the Virtual Site for syncing with your device.

Microsoft Exchange OWA certificates

Ever since buying the Wizard, I seem to be having trouble to get to our corporate OWA-pages. In general, logging in works perfectly, reading the first mail also without hassle, but replying, reading other mail or whatever results in constant login-screens.
On Windows Mobile 2003, there was a solution from Microsoft to circumvent this, but for WM2005 I have yet to see a solution.
Anyone?
You might try here or here to import personal certificates.
Do you need OWA or can you live with OMA instead? It's not elegant but it's functional.
Steven
Hello,
Why don't you use the ActiveSync synchronisation with Exchange server? (if it is a 2003 server of course!)
if it's an https site and using a private CA cert then download the root certificate from a desktop PC and run the .cer file on the handheld to import it. Really simple to do.
twaddle said:
> if it's an https site and using a private CA cert then download the root certificate from a desktop PC and run the .cer file on the handheld to import it. Really simple to do.
Like jcleek mentioned; I followed instructions to import the certificate from my PC onto my Wizard. Still, after logging on to OWA, I get the same loop again. 1 mail can be read; every next action requests for my password again. :?

Push Email with Exchange Server?

Hi all, I'm kind of new to this but I just read about push email with Exchange server and I was wondering how I could use it with my MDA Vario. I've already installed an updated ROM with push email but I don't know how to use it. Can anyone fill me in on this? Thanks for any help.
You need an Exchange 2003 server with at least SP2 installed. Also a UMTS/GPRS connection, because it does not work over WiFi.
Bitfrotter 8)
Go to www.mail2web.com, sign up there. Then put the settings from the website in the Exchange Server settings in ActiveSync on your PPC. Set your current email address to automatically forward your email to your mail2web email address. Enable GPRS and enable push email from the Comm Manager and bingo, push email is yours.
OK, I've already signed up with mail2web but I want to automatically retrieve Hotmail emails. I don't see an option on Hotmail to forward all my emails to mail2web. Am I missing something here? Sorry, I'm inexperienced and all and these are probably lame questions and all. But please help me out. After reading that article I got hyped up in doing this. Thanks for any replies.
Bitfrotter said:
> You need an Exchange 2003 server with at least SP2 installed. Also a UMTS/GPRS connection, because it does not work over WiFi.
> Bitfrotter 8)
I've gotten DirectPush to work over WiFi... Maybe that was an earlier ROM version though... I don't recall the circumstances under which I got it to work.
MS says that Direct Push does not work over WiFi. WiFi does not allow disconnected connections (in other words, a connection that allows for the data stream to be suspended). If WiFi did it, it would require a continuous connection that would drain the batteries at a very rapid pace.
Setting up Exchange for Direct Push is pretty easy. I set up ours in about 5 minutes.
One of the coolest things you can do with a correctly configured Exchange 2003 system is with the Mobile Admin pack (free download from MS). It allows you to tell the PDA that it needs to "self-destruct" in case the phone is stolen. A remote wipe will do a hard-reset on the phone, deleting all data not stored on an external SD.
I usually get my email on the MDA faster than Outlook on my desktop.
If any Exchange admins are out there, I can post how to set it up if anyone needs help.
exchange/activesync
Yes please!
Hotmail has deleted the possibility of forwarding mail automatically a few years ago in the free version, only Hotmail Plus subscribers can use this option. With gmail however it is still free. So a basic hotmail account will not be able to use Push over Exchange. You can however sign in to MSN Messenger on your device and will then be notified as soon as an email arrives on the hotmail server. This will cost you extra data charges though, since contacts coming online will also result in data transfer to your device.
Romp said:
> MS says that Direct Push does not work over WiFi. WiFi does not allow disconnected connections (in other words, a connection that allows for the data stream to be suspended). If WiFi did it, it would require a continuous connection that would drain the batteries at a very rapid pace.
> Setting up Exchange for Direct Push is pretty easy. I set up ours in about 5 minutes.
> One of the coolest things you can do with a correctly configured Exchange 2003 system is with the Mobile Admin pack (free download from MS). It allows you to tell the PDA that it needs to "self-destruct" in case the phone is stolen. A remote wipe will do a hard-reset on the phone, deleting all data not stored on an external SD.
> I usually get my email on the MDA faster than Outlook on my desktop.
> If any Exchange admins are out there, I can post how to set it up if anyone needs help.
that would be awesome if you know of a tutorial anywhere on this..
So by creating an Exchange server as Romp said, you can sync any email including Hotmail? Well, that's really a bummer that Microsoft disabled forwarding on Hotmail. It's mainly my primary email which all my friends/family know. So it would be a miracle if anyone knew how to sync Hotmail without subscribing to their Hotmail Plus.
Well, getting outside emails is a bit more complex. This is usually for a business, but there are plenty of POP-to-Exchange plug-ins that would allow getting Hotmail emails. Of course, you would need the Hotmail Plus for the POP.
http://www.slipstick.com/exs/popconnect.htm
My answer was more concerning the Exchange Direct push question, not the hotmail one.
Where I work (yes, I did set up the Exchange system) we have GFI spam filtering and virus filtering (www.gfi.com) and they have a POP2Exchange bridge included. It just checks the account, downloads any POP emails, and drops it in the right mailbox.
Exchange is a complete system, not just mail. It has webmail, Windows Mobile direct push, calendar, contacts, and more. Unless you are in a company with Exchange or Small Business Server, it's not a cheap thing to do for a home network.
If you DO have Exchange at your office, run to the IT guy and hurt him until he sets your phone up on it. It's all the functionality of Blackberry and more, built into Exchange.
I'll write that tutorial, g0nk.
OK, so if we go the mail2web route... I don't need to install Exchange 2003 on a PC myself? Does it only work on Windows Server 2003?
I'm interested in doing this at my job but I want to make sure it is not too difficult
edit.. well we have our own domain email addresses so the [email protected] is not an option..
any suggestions?
Romp said:
> Exchange is a complete system, not just mail. It has webmail, Windows Mobile direct push, calendar, contacts, and more.
> If you DO have Exchange at your office, run to the IT guy and hurt him until he sets your phone up on it. It's all the functionality of Blackberry and more, built into Exchange.
> I'll write that tutorial, g0nk.
1) Agreed
2) I am the IT guy and it don't work on our server - the root certificate won't install to the PPC - an MS acknowledged problem............
3) Please forward ASAP !! Thanks !! :lol:
Is it a self published cert? Because you CAN get any externally issued cert to work just fine. We use a $15 GoDaddy cert with no problems.
The big screw up most people have with the cert (myself included) is that the cert is not correctly installed, even though it says it is.
Cheaper certs are called "Chained" certs. All certs need a path back to one of the big cert companies. So, companies like GoDaddy get approved to be second level cert issuers. IE on the PC will look at the cert and track it back to the main cert issuer. For example, the cert on GoDaddy goes from GoDaddy, to Starfield, to VeriCert. The VeriCert certificate is installed on all PCs.
Anyway, the problem is that the PC can follow an undefined cert path, the PPC can't. If you install the cert on the server, IE on the PC can figure out the whole path, PPC can't. So, the big thing is to make sure the MIDDLE CERTS are installed on the server. Even though everything seems fine, chances are that the middle ones are not (in this case STARFIELD).
The easiest way to find out if the cert is valid or not is to try to get to your webmail on PIE. If you get a message about the cert, your server is not set up completely.
For my server, I had no luck until I found the Intermediary Cert and installed it. https://certificates.starfieldtech.com/Repository.go
Once that was done, my GoDaddy cert worked on the PPC and syncs went perfectly. Once the server has all the certs in the cert path installed, the PPC can validate each level. Until then, it's clueless. Most people think you need to install the cert on the PPC. It's the server that needs it.
Does the self published cert only cause problems with direct push? I've got the "old" polling method working. I created a root CA on my server to sign the cert created for the web server and then turned that root CA into a CAB which was installed on the PPC. I should say that my phone doesn't have an AKU 2.xx rom on yet so I've not tested push mail.
This is all outlined in the following doc :
http://www.microsoft.com/technet/itsolutions/mobile/deploy/msfpdepguide.mspx
Also look at http://support.microsoft.com/kb/817379 if you are running a non sbs2003 exchange server in a configuration that doesn't have a front end/back end exchange server configuration. As there are some minor tweaks needed to the registry and to the default web server setup.
If you can do a remote Activesync, then DirectPush will work just fine.
A newbie Direct Push question:
I upgraded my 8125 ROM to the official Cingular June 19 version, and direct push SEEMS to be working great with my Hosted Exchange provider. When new email comes in to my Exchange server and/or a task / calendar / contact is changed on the desktop Outlook client, those get pushed quickly to the 8125.
Problem is, it doesn't seem to work in reverse. For example, IF I get an email pushed to me on my PDA, I read it and delete it on my PDA.....that deletion action is NOT getting synchronized back to my Exchange server. Is that by design, or is indeed something wrong?
Thanks in advance!
not sure if it helps, but you can change when pocket outlook deletes mail, there are 3 options:
on connect/disconnect
immediately
manually
I dunno if changing that will help you at all, but it's in the pocket outlook options.
I'll shut up now, in case I misunderstood
jmel said:
> not sure if it helps, but you can change when pocket outlook deletes mail, there are 3 options:
> on connect/disconnect
> immediately
> manually
> I dunno if changing that will help you at all, but it's in the pocket outlook options.
> I'll shut up now, in case I misunderstood
I appreciate your reply, but my question is beyond that......it centers around Direct Push.....my thinking is, regardless of that setting you referred to, once the email is deleted on the PDA, the PDA should "reverse-push" that deletion to the Exchange server, and mine does not seem to be doing that.
I hope that is a little clearer?
No, his answer was right. The reverse of the Push is not the same. You have to set the options as Jmel suggested. It's basically to save data.
This allows you to go through your mail, delete all your spam and crap, then update the server. Doing so immediately would be a waste. Receiving/sending emails is considered vital, deleting them...not so much.

Exchange Self signed certificate for use with HTTP over proxy connection

Hey, first post! Loving the forum by the way, and the HD2 phone. I already have my personal email with POP set up.
Just wanting to set up my Exchange account from work.
It has a self signed cert and I connect to the Exchange via HTTP.
I've saved the .cer file to the memory stick but I don't know what to do with it. Any advice appreciated.
Right, clicking on the cert and installing, going to the certificates setting, it's been placed in the "intermediate" category. To get ActiveSync and Outlook working....Now what?
Just click it. Also, make sure you have trusted the certificate authority from your work, not just the Exchange server's cert, as it has no way of working out who made the cert...
I have the trusted certificate, when I "just click it" it opens with the details of the cert... I will try a little more today but I was assuming there must be an option to set an HTTP proxy like in Outlook.

[Solved] Having problems handling Microsoft Exchange Email on my HD2

Hello
I've had my HD2 for almost a month now (replacing my iPhone 3G) and prefer it over my 3G in every way, except Microsoft Exchange email support.
I'm trying to connect to my Uni account. It syncs OK the first time/few times after a hard-reset but afterwards I keep getting the invalid security certificate error below
I've searched everywhere and tried different ROMs but no solution. I didn't have to provide any digital certificate for the iPhone or Outlook on my laptop..
I use the same settings on my iPhone (SSL enabled etc)
Anyone else have this problem?
Thank you
The problem isn't the HD2...... it is your lack of having the right cert. Your iPhone downloaded it; WinMo requires you to install it. WinMo handles Exchange perfectly if you set it up right.
So if I remove the iPhone from my synced devices list in OWA will it work?
what you need to do is get the cert your webmail is using. By going to the site you should be able to click the lock icon by the address in internet explorer and view the cert. Export it (copy to file) as a .cer file and put it on your device. then click it in file explorer on your phone and it will install. Once you get it installed it will work perfectly.
Ignore me - as above
Thanks for the reply. I came across a solution like that yesterday but it didn't work.
Anyways, I've tried again now and here's what I did: deleted the exchange account on the phone completely, exported a certificate from OWA on Firefox but it came out as a .crt which the phone can't read, so I converted it to a .cer and opened it on the phone, it gave me a success message.
Now I added the email account again and like before, it synced perfectly. However I soft-reset and can't sync anymore..
I use gmail over activesync. You could set up a gmail account and see if that works. If it does your exchange isn't setup properly...
I want to add that I never had any issues setting up an exchange mailbox on activesync. Some heartbeat issues yes, but never the setup itself.
I highly doubt it since a uni would probably use 'the usual' routes for ssl certs, but you might have to export & add the intermediate certificates.
As an example, here is mine, using FF so you're looking at a consistent screen.
If you click on the line ending in (2048), it is a different cert than the one ending in "- L1B" So export all 3 certificates (or however many lines you see) and import them over.
For the record, my exchange works perfectly fine as well.
mazzarin said:
> I highly doubt it since a uni would probably use 'the usual' routes for ssl certs, but you might have to export & add the intermediate certificates.
> As an example, here is mine, using FF so you're looking at a consistent screen.
> If you click on the line ending in (2048), it is a different cert than the one ending in "- L1B" So export all 3 certificates (or however many lines you see) and import them over.
> For the record, my exchange works perfectly fine as well.
THANK YOU
I've exported all three and worked.
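
Added example, not part of the original threads: the missing-intermediate failure that Romp describes in the Direct Push thread, and that exporting all three certificates fixes in this one, reproduced offline with the openssl command line. Every key, certificate name (Demo Root CA, Demo Intermediate CA, mail.example.test) and the helper functions make_chain and chain_validates are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added illustration: all keys, names and certificates below are constructed.
set -u

make_chain() {   # $1 = directory; builds root -> intermediate -> leaf
    local d="$1"
    cat > "$d/ext.cnf" <<'EOF'
[req]
distinguished_name = dn
[dn]
CN = ignored-because-subj-is-given
[v3_demo_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_demo_leaf]
basicConstraints = CA:FALSE
EOF
    # Self-signed root: the only certificate the device has in its trust store.
    openssl req -x509 -config "$d/ext.cnf" -extensions v3_demo_ca \
        -newkey rsa:2048 -nodes -days 30 -subj "/CN=Demo Root CA" \
        -keyout "$d/root.key" -out "$d/root.pem" 2>/dev/null || return 1
    # Intermediate CA, signed by the root.
    openssl req -new -config "$d/ext.cnf" -newkey rsa:2048 -nodes \
        -subj "/CN=Demo Intermediate CA" \
        -keyout "$d/int.key" -out "$d/int.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/int.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
        -set_serial 2 -days 30 -extfile "$d/ext.cnf" -extensions v3_demo_ca \
        -out "$d/int.pem" 2>/dev/null || return 1
    # Mail server certificate, signed by the intermediate (not by the root).
    openssl req -new -config "$d/ext.cnf" -newkey rsa:2048 -nodes \
        -subj "/CN=mail.example.test" \
        -keyout "$d/leaf.key" -out "$d/leaf.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/leaf.csr" -CA "$d/int.pem" -CAkey "$d/int.key" \
        -set_serial 3 -days 30 -extfile "$d/ext.cnf" -extensions v3_demo_leaf \
        -out "$d/leaf.pem" 2>/dev/null || return 1
}

# $1 = trusted root, $2 = server cert, $3 = optional intermediates sent by the
# server. Nothing is fetched over the network, which matches a client that
# cannot discover a missing intermediate by itself.
chain_validates() {
    if [ -n "${3:-}" ]; then
        openssl verify -CAfile "$1" -untrusted "$3" "$2" 2>&1 | grep -q ': OK$'
    else
        openssl verify -CAfile "$1" "$2" 2>&1 | grep -q ': OK$'
    fi
}

demo=$(mktemp -d)
make_chain "$demo" || { echo "openssl failed" >&2; exit 1; }
chain_validates "$demo/root.pem" "$demo/leaf.pem" \
    && echo "leaf only: OK" || echo "leaf only: FAIL (issuer unknown)"
chain_validates "$demo/root.pem" "$demo/leaf.pem" "$demo/int.pem" \
    && echo "leaf + intermediate: OK" || echo "leaf + intermediate: FAIL"
```

Against a live server, the equivalent check is whether `openssl s_client -connect host:443 -showcerts` lists the intermediate certificates after the server certificate.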
