Has anyone managed to install a certificate to encrypt email?
I need to use secure email for work, came from WM6.5 where I was able to install a Comodo email certificate
TIA
Docsboard said:
Has anyone managed to install a certificate to encrypt email?
I need to use secure email for work, came from WM6.5 where I was able to install a Comodo email certificate
TIA
Click to expand...
Click to collapse
no takers?
Hi,
I've managed to obtain a Comodo certificate and install it on my Desire.
I tried requeting the certificate on the Desire but it failed to install no matter what I did. So I requested it on my laptop instead, installed it to my laptop then exported it in PKF format. Copied the PKF file to my Desire and then renamed it to have the extension of PK9.
Put the PK9 file in the root of the SD card and ran the import certificate option from the security menu in the phone. This worked, the certificate was installed on my phone and I can see it.
Now here's the problem - Despite the certificate being installed I cannot find any way to use it to sign or encrypt emails on the email client on the Desire.
I guess I'm in the same boat as you
I am still trying to figure this out as well. We use IPSec based VPN to connect to the company network. Once authenticated at the firewall, we use our domain account credentials to authenticate to the microsoft exchange server.
Are you guys able to access internal websites that require certificates?
I am logged into my company wireless router and I am able to connect to non access controlled internal websites (i.e. http://). However, I am have been unable to connect to access controlled internal websites (i.e. https://).
Related
Hi all,
I have just upgraded to ROM 2.17.7.6 FRF on my Qteck 9100, service provider SFR (France).
Big problem : I cannot sync anymore with my Exchange Server. I understood the source of the problem: the Exchange self signed certificate is missing on the device after the Rom update. I tried to install it manually (by copying the .cer file via AS onto the device) but when I double click on the .cer file in the device, I get the message "Access to the certificate is impossible" (translated from French). There seems to be some kind of protection againts installing root certificates.
Any idea to get around this ?
Thanks -- any help really really appreciated. I am quite desperate at this stage...
Did you make sure to export the root certifcate in binary not MIME encoded format?
For me it worked to import a binary root certificate.
Thanks TcT.
Well I am not sure of the content of the .cer file.
What I did was simply copy the original .cer from the Microsoft Server to my client PC and then via Active Sync to the device and then double click on it. Nothing else.
What did you do?
There are several ways to export that Cert so that you can copy it though. DER encoded binary is what you need to use. In my case, I used a copy of my server's root cert on IE on my desktop. I exported it in DER format then copied it onto my 8125. I then tapped it and chose "install certificate".
In fact, I just tested this again on my Qtek 2.17 equipped 8125 and it worked perfectly.
Thank you Sleuth,
sorry to ask dumb questions but how do you use IE to import the cert in the requested format? What I did is I went to the \clientapps directory of the server and simply copied the .cer file. I suppose this is wrong.
You can double click on the .cer file on your PC there should be an "export" or "copy" button somewhere in that dialog there you can export the .cer file in different formats/encodings.
TcT great it worked
10 000 thanks. That was the trick
Exchange Activesync with Certs enabled
Hi,
I also have a Qtec 9100 an am unable to sync with Exchange using Certificates
I can sync if i turn OFF SSL on the server, i can also sync if i add the appropriate reg key into the device to disable Cert checking however i am curious to know if others have been able to sync using a manually created Cert .
i have tried exporting the cert from the server and the Desktop PC in all available formats and i am able to import this into the Trusted Root folder on the Qtec however each time i try to sync i get the error :
0x80072F01
Synchronization failed. The security certificate on the server is invalid. Contact your system administrator or ISP to install a valid certificate on the server and try again.
any assistance is greatly recieved
Jedismurf
Certificate Uility
There is a great certificate import utility available...
http://www.jacco2.dds.nl/networking/crtimprt.html
I have used the PFXimprt but the newer one - P12imprt does WM5 and WM 2003.
Hello Everyone
I have configured my server & device (SPV M3100 WM2005) to allow direct push but when I sync I get a error which states my security certificate is invalid?
I created the certificate via StartCom Free SSL CA which have sucessfully installed on my server. (OWA & OMA all working correcly using SSL)
However when I try direct push I am unable to sync receiving the above security error.
I have tried exporting the cert to my device..no luck
I have tried using the smartphoneaddcert..no luck
Is this a problem with my orange operator not allowing SSL cert to be installed?? Is there away around this? Eg registry hack etc? If yes, how?
thanks in advance
Jonathan
Check the date and time on your device... it must be correct for the cert to be valid...
Also search for adding root cert via xml in google.
You could just disable security entirely...
You have to make sure the CA issuing the SSL cert. to use is in the trusted root CA list. If that's unsure, you can add the root CA cert again. The free SSL cert company should have the cert being able to download. However, if it's internal CA via Windows, that pretty easy: just use PIE to browse to the CA cert page and click "download root cert". Good luck man.
And if you can't get the certificate to download, you can always put the root certificate on your PDA (by AS) and execute it, then it'll also be registered propperly. After that, it should defenitly work.
i too use StartCom Free SSL. works great!
TseLawrence said:
You have to make sure the CA issuing the SSL cert. to use is in the trusted root CA list. If that's unsure, you can add the root CA cert again. The free SSL cert company should have the cert being able to download. However, if it's internal CA via Windows, that pretty easy: just use PIE to browse to the CA cert page and click "download root cert". Good luck man.
Click to expand...
Click to collapse
I downloaded the cert from the CA page however my device does not recognise the file. It saves as aphp file?
Heimiko said:
And if you can't get the certificate to download, you can always put the root certificate on your PDA (by AS) and execute it, then it'll also be registered propperly. After that, it should defenitly work.
i too use StartCom Free SSL. works great!
Click to expand...
Click to collapse
I emailed the cert which was installed on my server, then sync'd it to my device without luck? Do i need to sync while actually attached to my server. I am currently doing all this remotely as I do not have physical access to the server as of yet?
JOY JOY Worked it out!!
I exported my Cert as a "PKCS #7 Certificate"
When I opened the cert I had all three certs in the chain.
I then sync'd all three cert onto my device and installed in order.
My device is now syn'cd via direct push!
Yippeeee
Hi,
Im trying to sync email trough internet. The problem is this, it says:
the securite sertificate on the server is invalid. Contact your Exchange
Server administrator or ISP to install a valid certificate on the server.
Can i some how get pass this message? Can i change some settings that it wont alert me that kind of messages?
When i use mail with IE browser it gives the same error but i can pass it just pressing continue and email works fine but tytn gives no continue buttons.
and my phone is hermes 200
-Matti-
Hi Matti,
If your trying to use SSL, a PocketPC needs a proper SSL certificate installed to sychronise.
You need to install the root certificate - a good way to do this is by exporting the Root certificate to an CER file through IE. You just go to the site on a PC, and double click the little padlock. Then click export to a file to get the .CER file.
Once you've done this, copy it to your Pocket PC, and it should work immediately.
Good Luck
What is the path where I copy the file?
Cant find oultlook folders
Ok. Now I installed it and same error message appears.
Any ideas?
Is there any way to turn off certificate validation in windows mobile 5.0?
Ok I think I need this file but I dont have that CD. Could someone email me that file, please
AS_Cert_Off.cab it is on the Microsoft Mobile Information CD
I need to install a certificate for wifi on my university. As you all know PEAP needs a personal certificate. But when i install the certificate it's placed in the base folder and not in the personal folder.
Yes i added the ValidateServerCert to the registery.
Anyone can help?
If I am not mistaken it should be in the base
or it may depend on the certificate
In my case I also need a cer to use my Uni's WiFi and when I install it I find it in the base list
my problem is the certificate seems to be outdated otherwise according to the instruction I had the certificate should be in the base list.
Not sure if this helps, I have a digital certificate which allows me to get onto my work email from home.
I just copied the certificate to my memory card and then opened it through the phones file explorer.
It installed the certificate for me.
I installed the certificate the same way as you. But when i try to connect the router, it says: "you need a personal certificate" and personal certificates are used to identify yourself and base certifactes are not. So i think i need to get that certifacte to te personal folder.
Have you tried via ActiveSync? Saw an option last night, although have no experiences with certs.
Try secureW2 plug-in. (use google to find it)
A common problem is that you need certain root certificates as well- and WM doesn't download/ install them.
There are even networks that you won't be able to connect to using PEAP- like the one my uni uses. Don't ask me for detailed reasons... It's some kind of yet unsolved WM-WiFi-certificate-issue.
i use secureW2 as well at my university... works great
I've read and searched and Googled but I can't find an answer
I recently flashed my first Android NAND ROM: "CMYLXGOroms.Stock.Desire.HD.v1.1.4.1n.NAND.RMNET.NO-SQUASH-RAFPIGNA.1.7OC_CWM.zip".
Everything went smoothly and it all looks good except I cannot complete the Exchange ActiveSync account.
DETAILS:
1. I'm hosting my own Exchange server -2003
2. My SSL cert is self-generated from my own MS Cert Authority
3. I can view my OWA account via the native web browser w/o issue
4. My settings "appear" to be fine as I can reach the very end of the setup wizard. (If I change any of the ActiveSync account settings to an invalid option - say add an extra character to the server address - I receive an error when I click on "Next")
ISSUE:
1. On the last step of the setup wizard, when I click on "Finish setup" I receive the error:
"Failed to created the account. Please try again later."
QUESTIONS/THOUGHTS:
1. How to you import a SSL Cert in Android?
2. I've read about "Accept All SSL Certificates" dialog box you can check but I don't see one during the setup wizard - only the "This server requires an encrypted SSL connection". Is this a legacy setting or something that is hidden by HTC's SenseHD or? Is there anyway to access this option?
3. I've tried both checking and un-checking the "This server requires an encrypted SSL connection" - both give me the same failed result.
OTHER TROUBLESHOOTING:
1. I know this works as I've been successfully using Activesync with WinMo 6.1 & 6.5 on my wife's TouchPro2 and this works fine w/ the stock WinMo 6.5. So it's not a bad config on the back-end.
2. I tried installing Touchdown to see if that would work and I cannot get that to work either.
I'm getting really frustrated - any help would be GREATLY appreciated!
thnx
UPDATE:
I spent all day:
1. Creating a new DNS A record to point directly to my OWA server
2. Upgrading my SSL cert to an offical third-part cert from startssl.com (great service for free BTW)
3. Figuring out how to export/import/modify that cert to be installed on Android
I now have a nice DNS record that points to my OWA server (vs. the old DynDNS pointer) and I appreciate the SSL cert for free find, but I'm still ready to loose it over the lack of ActiveSync support.
Anybody have any idea if this is potentially a ROM issue and I should try another? Or is this a Froyo issue and I should try Gingerbread?
TIA