Announcement

Collapse
No announcement yet.

ActiveSync with Exchange 2003 using wildcard cert

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • ActiveSync with Exchange 2003 using wildcard cert

    Hi,

    I have OWA working fine over SSL using a wildcard certificate from Equifax (who are in the list of trusted providers on Windows Mobile 6).

    However I still get this message on the mobile device when I try and sync:

    "The security certificate on the server is not valid. Contact your administrator or ISP to install a valid certificate on the server."

    Support code 0x80072F0D

    I have tried importing the certificate to the mobile device (apparently successfully). but the error message persists.

    Is this possible using a wildcard certificate (i.e. *.domain.org.uk)?
    If so how do I export/import the certificate to my device?

    Thanks

    Al

  • #2
    Re: ActiveSync with Exchange 2003 using wildcard cert

    Mobile 5 or 6?

    Wildcard certificates allow issuing a certificate on domain level, meaning the same certificate can be used for both mail.yourdomain.com and www.yourdomain.com. Windows Mobile 5.0 devices do not support wildcard certificates, so in deployments using Windows Mobile Devices 5.0 with multiple frontend Exchange servers, separate SSL certificates need to be obtained for each server if you are planning
    to use Windows Mobile 5.0 devices. Windows Mobile 6 supports wildcard certificates, so the same wildcard certificate can be used on multiple front-end servers.

    http://download.microsoft.com/downlo...hite_Paper.pdf
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?

    Comment


    • #3
      Re: ActiveSync with Exchange 2003 using wildcard cert

      Are you sure that the root certificate is supported?
      There are more than one Equifax root certificates - and not all of them are supported by Windows Mobile.

      If you have a certificate type that is not supported then it is the ROOT certificate that you need to get on to the device, not your own. This is easily done using a cab file.
      http://exchange.sembee.info/mobile/certificates.asp

      I don't actually recommend the use of wildcard certificates with Exchange 2003 as it can cause problems.

      Simon.
      Last edited by Sembee; 15th July 2011, 12:26. Reason: URL Correction
      --
      Simon Butler
      Exchange MVP

      Blog: http://blog.sembee.co.uk/
      More Exchange Content: http://exchange.sembee.info/
      Exchange Resources List: http://exbpa.com/
      In the UK? Hire me: http://www.sembee.co.uk/

      Sembee is a registered trademark, used here with permission.

      Comment


      • #4
        Re: ActiveSync with Exchange 2003 using wildcard cert

        Thanks for replies, I am using Windows Mobile 6 and have now got it working.

        For those that wish to know I exported the certificate from my Exchange server as a .p7b file and checked the box marked 'include all certificates in the certification path'. Once installed on the smart phone activesync worked over SSL.

        We have had no problems thus far with OWA running with a wildcard certificate, what kind of problems can it cause?

        Comment


        • #5
          Re: ActiveSync with Exchange 2003 using wildcard cert

          All certs include the root cert like Sembee noted.
          cheers
          Andy

          Please read this before you post:


          Quis custodiet ipsos custodes?

          Comment

          Working...
          X