Hello,
Been using Black v1.2 for a few days, was holding out for version 2 before asking for help but this doesn't help me - excellent rom btw.
Our Exchange server is using self signed certificates, which have expired. I have been working on our Tech support to have this renewed but not holding my breath for this to be done anytime soon.
In WM5 there was a registry hack (added a DWORD of value 0 called secure to the partnership key) which forced activesync to ignore the above problem, however this doesnt work in WM6, does anyone have a solution to this?
I did try searching first but could see a solution.
Cheers,
James
Your tech support guys must be useless. Self signed certs, well so do I. But it only takes a couple of mins to re-issue and install.
Try running without SSL. This would work better, anyway.
If all of the certs have expired, they should be getting many problems with people failing to connect on their phones and any Outlook client using HTTP over RPC (now called Outlook Anywhere).
I don't agree
Self signed certs should be ok. Get a CER version and load it to the handheld. Previous versions of WM would take a program called CERTCHK.EXE and bypass the trusted root authority check. You can also install the root cert of your local CA, if you can have your admins deliver that.
Running without SSL transmits your password in the clear. NOT A GOOD IDEA, last I checked.
jeffreycentex said:
Try running without SSL. This would work better, anyway.
If all of the certs have expired, they should be getting many problems with people failing to connect on their phones and any Outlook client using HTTP over RPC (now called Outlook Anywhere).
Click to expand...
Click to collapse
Cheers for the Replies,
I had a go at extracting the root/intermediate certificate using sslchainsaver, and then installing them onto the device but I still get the same problem...
http://blogs.msdn.com/windowsmobile/archive/2006/08/11/sslchainsaver.aspx
Plus our server won’t allow none ssl traffic (a bit cheeky of them having no valid cert ), just looks like am stuck waiting for them to update the certificate...
btw for your information, this was the hack to force WM5 not to check the certificate.
http://winzenz.blogspot.com/2006/03/hacking-your-windows-mobile-50.html
Thanks again
James
I fixed mine the old fashioned way
James,
You may want to try this. Once I loaded Black 2.0, the cert said "expired". I went into WMDC, deleted the previous partnership, logged into Outlook. Connected the device, set up partnership, then let it sync.
It must have installed the cert, because ASync is working perfectly again.
Give that a go and see if it works.
Regards,
Steve
brownjl said:
Cheers for the Replies,
I had a go at extracting the root/intermediate certificate using sslchainsaver, and then installing them onto the device but I still get the same problem...
http://blogs.msdn.com/windowsmobile/archive/2006/08/11/sslchainsaver.aspx
Plus our server won’t allow none ssl traffic (a bit cheeky of them having no valid cert ), just looks like am stuck waiting for them to update the certificate...
btw for your information, this was the hack to force WM5 not to check the certificate.
http://winzenz.blogspot.com/2006/03/hacking-your-windows-mobile-50.html
Thanks again
James
Click to expand...
Click to collapse
silverfox0214 said:
James,
You may want to try this. Once I loaded Black 2.0, the cert said "expired". I went into WMDC, deleted the previous partnership, logged into Outlook. Connected the device, set up partnership, then let it sync.
It must have installed the cert, because ASync is working perfectly again.
Give that a go and see if it works.
Regards,
Steve
Click to expand...
Click to collapse
You Got my hopes up then
I gave that a go, deleted the partnership on the device. This time I used WMDC to set up the partnership, which did state that the Certificate could not be verified but gave me an option to use it anyway. But still the same result - I get erorr 0x80072F17 when trying to sync wirelessly.
Cheers,
James
Problem with Push Outlook eMail on Cingular
I have the same issue on this thread. I deleted all the partnerships and restarted several times but keep getting an error code0x85030027
MS Exchange Server requires a personal certificate to log on ....
Anyone has a fix to this issue ?
Thanks
Zimriman
Cingy Black 2.5
Related
I can't connect through PIE. Thanks,
You're going to have to give more info if you want any help. Config for OWA is very straightforward - just set up the http address of your OWA server in Activesync (option to sync with exchange server instead of locally) work through the options and then it activesync will work over the wireless data. That said, please make sure you read the various info sources for configuration before you ask a question thats answered elsewhere and get jumped on
If you have problems either risk it and post or PM me
lol, what possible reason would you have for accessing OWA on your Hermes...you should put it into ActiveSync on your phone for live push mail and auto updating contacts/calender etc. Unless you have a reason to NOT do this, i'm not understanding why you would want to use PIE to access OWA.
DeniaL said:
lol, what possible reason would you have for accessing OWA on your Hermes...
Click to expand...
Click to collapse
Only reason I can think of is access to Public Folders...?
I use OWA to access my work email system, occasionally.
Hermes Outlook actually syncs up with my own Exch2007 server.
Lets face it, we all use the device for different things in different ways...
philg2000 said:
Lets face it, we all use the device for different things in different ways...
Click to expand...
Click to collapse
i use mine to... mow my lawn and shave....
you?
I just get the message "error syncronizing" when I set it up in outlook or activesync. When I go back to check my settings the password is like 3 times longer than what i typed. "*************** instead of *******?
whodatfever said:
I just get the message "error syncronizing" when I set it up in outlook or activesync. When I go back to check my settings the password is like 3 times longer than what i typed. "*************** instead of *******?
Click to expand...
Click to collapse
That's normal, the number of ****'s doesn't reflect the length of your password. You should re-check your login details and connection settings though....
Could it be some security setting my company has placed on the server?
To set up pocket outlook to sync with your exchange server you need the option on the exchange server to connect via SSL.
You also need to get a copy of the SSL certificate and install it to your device.
If you can already access your email through your outlook inbox on your PC through SSL (Not OWA, look through the accounts settings in outlook) you are halfway there. Just get the certificate and install it to your device.
Absolutely could be an issue on your company's server. Where I work they explicitily prevent access via the server. I spoke directly to the sys admins of the server and they said OH we do that for security purposes as we only support Blackberries... If you want your email get a blackberry... Sorry not gonna happen. So I too use OWA all the time..
I am currently using WM6 and am trying to get EMail through our Exchange server setup; however, my Dash s620 will not properly save the server's address.
The address for our OWA is (ex) mail.email.com:8888/exchange
and this address works fine in Internet Explorer etc, but when I enter this into the phone it removes the /exchange and only saves up to :8888, which then gives me "Error synchronizing" when trying to connect. Our Exchange server does have Exchange ActiveSync enabled along with Direct Push enabled.
Any ideas?
Thanks in advance
I think that you have to check your ActiveSync settings on Exchange. I know that Microsoft have a lot of KB's about that.
It does the same thing on mine, erases exchange, but mine is cool. Are you sure you are putting in the Domain?
jt76542 said:
It does the same thing on mine, erases exchange, but mine is cool. Are you sure you are putting in the Domain?
Click to expand...
Click to collapse
Yeah I've tried every which way I could think of for the login credentials.
I'll sift through some more MS articles tomorrow afternoon, see if I can't find anything... baffled though, really.
K this is going to be a huge PITA I can tell.
I adjusted the Virtual Directory for the default web site in Exchange System manager to point directly to /exchange, eliminating the need for anything after the :8888. It works fine in IE etc, quickly brings up a login prompt. Using the phone's IE and going to the http://mail.email.com:8888 works fine, prompts a login accordingly...
I configured a coworkers Blackberry to use our OWA and it works fine, but I'm not sure if it uses Push Email (Exchange ActiveSync).
What is it about the Dash that won't mesh? The server is not using SSL so I couldn't see it being a certificate issue (maybe it still is?). Is there anyone around who manages an Exchange Server and could perhaps shed some light on common settings that need to be adjusted for Exchange ActiveSync?
Such a nuisance
ActiveSync on the phone reports "The server could not be reached. Please verify the server name." Support code: 0x80072EE7
It reports back with this no matter how I enter the address (which again, works fine in IE). Devil phone
8888 is definetly not standard for publishing ActiveSync.
the software will connect to either MailServer:80 if the SSL checkbox is cleared or MailServer:443 if the checkbox is checked.
don't think you'll get ActiveSync connect to something else.
Why don't you change your port back to 80?
you are already exposing your server to internet without any form of protection (no SSL so your password can be sniffed over the network) and having port 8888 buys you nothing in terms of security since any port scanner will report the port as opened and eventually get the HTTP banner from the IIS Server.
So, get back to a standard config and you'll love your DASH again.
UM
hey guys,
am desperately trying to fix my home based exchange server. it's been running fine with 100% uptime since last december. about a week back i was twiddling with some settings in windows and completely destroyed it.
i lost my backup of the entier machine too (it's pretty much a dedicated box for exchange). hence did a rebuild.
however now i'm just not getting it to start up. symptoms:
- OWA (outlook web access) worked. both secure and insecure modes. works on my pc.
- does not work on my PDA - OWA works but no activesync
- disabled ssh and followed the instructions here
- the phone now gives error support code 85010004 "your account in microsoft exchange server does not have permission to synchronise with your current settings. contact your exchange server administrator."
kind of annoying!
- form based authentication is enabled
- basic authentication and integrated windows authentication are ON
- same error whether or not i require SSL.
any tips?
I occasionally get the exact same error message when I sync with my company's exchange server, I have to do a soft reset on the phone and then it works fine. No idea how to fix it so bump
we had quite a few issues originally and think this is one of them i think.
Most revolved around having a recognised accessible dns address that allowed a direct link.
never got ssl to work.
the other issue was getting appropriate certificates that were private to be issued when creating the sync partnership.
can u sync internally using exchange server via a cradled activesync?
get this 2 work first, then look to external push.
I ended up paying it engineers to get it to work over an sbs 2003 box as it was all to much.
but dns addresses being made public, that were also accessible internally (reverse lookup i think) along with no ssl and certificates being correct were our main hurdles.
issue fixed i'm all live! after all that effort i really feel i should open this up to those who don't want to spend days fixing it up...
check http://forum.xda-developers.com/showthread.php?t=346022. currently looking for testers for 1-2 days before i make a subscription based service!
So.. with Nexus One's Activsync integration, there was an option "accept all ssl"
With my incredible, it does not have that option (that I can see).. Therefore with a custom certificate from my company's security team, I constantly get warnings for the certificate. Very annoying and prevents me from syncing well.
Thoughts? Solutions?
Please move this to appropriate forum if I'm in wrong place. Thanks in advance.
I allowed me to chose SSL. From in your Exchange Active sync do the following:
Menu -> More -> Settings -> Account Settings
Scroll down to below the password or you can close the virtual keyboard and you should see it.
Thanks for your reply..
However, that option just says "This Server requires an encrypted SSL connection"
The old version had an option to accept all SSL Certificates.
This means, a custom signature coming from a very large technology company's, very extensive IT security team, will be accepted in any way shape or form.
Alternatively, if the certificate is "not from a trusted authority", then you get the warning over and over and over and over.. whether you accept it or not.
my company is using a godaddy cert, it works fine. i tried setting it up for a client who has 07 exchange and a cert, but its not a well signed one, it wouldnt work at all. so not that it is the best solution but u could get a godaddy cert for yourself.
iamodogg said:
I constantly get warnings for the certificate. Very annoying and prevents me from syncing well.
Click to expand...
Click to collapse
What is the warning? Do you know if they have their cert setup correctly?
I'm currently using the Touchdown app and using SSL. I haven't seen any warnings.
Touchdown will work fine. The certificate is obviously custom-built. We are a 60k employee company. They are not going to change the very for the limited android users.
Again, the 2.0 OS had a feature built in that allowed you to choose to accept all certificates.
Thanks for the work around/alternatives. Still hoping for a fix.
-------------------------------------
Sent via the XDA Tapatalk App
i had a clients incredible and it just wouldn't work, they were using a self sign certificate and exchange 07. i tried every setting i could, even after the software update1. yesterday i was determined to get it to work so i searched and searched. It just keep saying it couldnt authenticate. From what I found a couple things could work.
What I did:
I opened the browser and went to the company owa site. https://mail.company.org/owa, then onces there I could log in. I logged in as the user and it asked me to accept the certificate so I did. Then I was able to get into the users box. Then I added the exchange activesync account next and it work with one minor change in the domain field ( i just erased it). Form what I understand the autodiscover service on IIS needs to be running and working. Not 100% sure, but I got it to work so its worth a try.
What I tried, but didnt work:
Several sites said as long as you are connected to the network, but don't have internet then so the setup and it will continue. Then once it is setup then plug the internet back in and it will ask you to accept the cert and u just say yes. the option which you are talking about no longer looks available. Again its worth a try
Hope this helps
Yeah not sure what the OP means by "Custom Cert" as it's either a valid cert from a trusted CA or it's self signed. Nothing in between. I don't know why a company with 60K employees though would not have a valid SSL cert though...
Look at the cert properties and make sure the server name you are using on the phone matches the name on the cert exactly (if you haven't checked that already). This is the "Issued to:" field...
Hi all,
A strange thing it's happening to me. I just switch few day ago from android to wp7 and i cannot connect to my corporate exchange server.
With android i stay connected with no problem, but wp7 give me a lot of problems.
In a first moment, inserting all the right data in account and sync, an error advise me that the certificate is not valid... strange couse android neverask me a certificate. Anyway the IT office give me an autosign certificate that iend to my personal account on wp7 and install it. Now the error is change and i cannot sync to exchange with error code 80072F06 "Not updated... certificate problem.."
That's sound strange... in android the only message i had the first time i created the account that alert me that the remote server request to menage some information of the device.... continue or cancel. Obviously i continue, and all works great. Now in wp7 nothings works!!!
Creating the account in android i noticed i fields i selected to accept all SSL certificate. In wp7 i cannot find nothing similar.
Read on various blog i see that a problem is in exchange server configuration, not in wp7.... but however in android i had no problem.
So i ask you if exist some tweak registry key on wp7 i can manage to let accept automatically SSL certificate.
Sorry for my english.
Thank you.
Inviato dal mio EPAD usando Tapatalk
i have a similar problem too... i'm just migrating from galaxy s to focus
never had a problem with my office exchange using android
most likely a self signed certificate that has not been configured correctly, also try to get your admin to export the root cert for you not the one issued through OWA, but the one on the server.
I had the same problem. You have to install ALL certificates, including root and intermediate certificates. A good way is to mail to your windows live address and double click on the certificates.
Then everything will work without a flaw.
I dont know, why this works in Android and Iphone without installing those root certificates.
Frank
Just as a sidenote: you will have to restart your device before the certificates actually work.
ok. I'll try to install all kind of certificate the IT office can give me.
i don't now if the problem can be that the certificate has the address exchange.mybusiness.com while the external server i must set on WP7 is mail.mybusiness.com...
However on Monday i can do other try, first to launch the phone in the wall...
EDIT:
6 months have passed ...
Nothing more?
A few tweaks that will allow windows phone to accept all connections?