Announcement

Collapse
No announcement yet.

Activesync problem

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Activesync problem

    Dear All,


    I need you expert advice regarding Exchange 2007 Activesync. Below you can find our exchange 2007 servers information and configurations.

    We have 1 Microsoft Internal enterprise CA server
    We have 2 Client acsess server.
    One ISA server located at DMZ for publishing OWA, Outlook anywhere, Activesync.

    In CAS servers we installed certificate from our internal CA server in IIS named mail.hbl.net
    In ISA server we used commercial certificate from verisign named mail.hbl.net

    We successfully published OWA and outlook anywhere but we are not be able to configire Activesync.

    When we run https://www.testexchangeconnectivity.com for Activesync connectivity the logs shows some errors mentioned below.

    Testing Exchange ActiveSync
    Exchange ActiveSync test Failed
    Test Steps

    Attempting to resolve the host name mail.hbl.net in DNS.
    Host successfully resolved
    Additional Details
    IP(s) returned: 202.125.133.232

    Testing TCP Port 443 on host mail.hbl.net to ensure it is listening and open.
    The port was opened successfully.
    Testing SSL Certificate for validity.
    The SSL Certificate failed one or more certificate validation checks.
    Test Steps
    Validating certificate name
    Successfully validated the certificate name
    Additional Details
    Found hostname mail.hbl.net in Certificate Subject Common name

    Validating certificate trust for Windows Mobile Devices
    Certificate trust validation failed
    Additional Details
    The certificate chain has errors, Chain status = NotTimeValid


    Iíve been browsing internet for a long time, and cannot find any straightforward solutions

    Thanks and regards

    Atif

  • #2
    Re: Activesync problem

    Have you spoken to Verisign about this? Given the cost of their SSL certificates I would hope they would provide support.
    The error means the chain is broken, probably because of a missing intermediate SSL certificate somewhere, incorrect time zone, expired certificate, something like that.

    Simon.
    --
    Simon Butler
    Exchange MVP

    Blog: http://blog.sembee.co.uk/
    More Exchange Content: http://exchange.sembee.info/
    Exchange Resources List: http://exbpa.com/
    In the UK? Hire me: http://www.sembee.co.uk/

    Sembee is a registered trademark, used here with permission.

    Comment


    • #3
      Re: Activesync problem

      Had this problem also and fixed it by following these steps:

      You have to copy & paste the following into a file and save it as a .cer file. The follow step 2 and step 3 in:
      https://knowledge.verisign.com/suppo...tent&id=SO8227


      -----BEGIN CERTIFICATE-----
      MIIDgzCCAuygAwIBAgIQRvzrurTQLw+SYJgjP5MHjzANBgkqhk iG9w0BAQUFADBf
      MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy 4xNzA1BgNVBAsT
      LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbi BBdXRob3JpdHkw
      HhcNOTcwNDE3MDAwMDAwWhcNMTYxMDI0MjM1OTU5WjCBujEfMB 0GA1UEChMWVmVy
      aVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVyaVNpZ2 4sIEluYy4xMzAx
      BgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2VydmVyIE NBIC0gQ2xhc3Mg
      MzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMgSW5jb3 JwLmJ5IFJlZi4g
      TElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjCBnzANBgkqhk iG9w0BAQEFAAOB
      jQAwgYkCgYEA2IKA6NYZAn0fhRg5JaJlK+G/1AXTvOY2O6rwTGxbtueqPHNFVbLx
      veqXQu2aNAoV1Klc9UAl3dkHwTKydWzEyruj/lYncUOqY/UwPpMo5frxCTvzt01O
      OfdcSVq4wR3Tsor+cDCVQsv+K1GLWjw6+SJPkLICp1OcTzTnqw Sye28CAwEAAaOB
      4zCB4DAPBgNVHRMECDAGAQH/AgEAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQEw
      KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY2 9tL0NQUzA0BgNV
      HSUELTArBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEAQ YKYIZIAYb4RQEI
      ATALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEGMDEGA1 UdHwQqMCgwJqAk
      oCKGIGh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA 0GCSqGSIb3DQEB
      BQUAA4GBAECOSZeWinPdjk3vPmG3yqBirfQOCrt1PeJu2CzHv/S5jDabyqLQnHJG
      OfamggNlEcS8vy2m9dk7CrWY+rN4uR7yK0xi1f2yeh3fM/1z+aXYLYwq6tH8sCi2
      6UlIE0uDihtIeyT3ON5vQVS4q1drBt/HotSp9vE2YoCI8ot11oBx
      -----END CERTIFICATE-----

      Comment

      Working...
      X