Quote:
Originally Posted by Tastypeppers
Update on the SDA. Couldn't get it to talk to my Exchange Server. 45 minutes on the phone with T-Mobile tech support. Certificate invalid is what it says as the error. Don't know why. It is a commercial SSL certificate. My co-worker has a TyTN gladly connecting to the server. F'ing Versamail 3.5 knows what to do.
Turns out that if you want to manually install a certificate on your SDA this can be done. With a bit of hoo-hah. The funny thing? When it installs, it installs the certificate as a root certificate, and the tech support guy said it is supposed to install as a personal certificate. Yet you can't tell the SDA where to install the certificate.
If only I could install the certificate in the right place all would be well. Googled the problem 8007f0d is the code if you want and funnily enough a TC thread came up first. Known problem.
My IT guy spent a bunch of time on this too.
The SDA goes back tomorrow. Ratbag b@st@rds can't sell software that works out of the box. Mumph. I'm not going to waste my time.
Hello, Treo 650. Did you miss me?
(The Treo seems awfully large and heavy).
|
Technical update (in the name of fairness to the SDA):
The problem is SSL certificates. The SDA doesn't know how to handle an SSL certificate on my Exchange Server that came from GoDaddy (Starfield). The solution is here:
http://www.drewery.net/blog/2005/11/...50-activesync/
First read the post, then go down to the comment on May 8 by commenter CT.
Just to secure this wisdom for all eternity, here is the post:
Quote:
Windows Mobile 5.0 & ActiveSync
We have a few Windows Mobile 5.0 devices appearing and need to get them hooked up to our Exchange 2003 system. We have the infrastructure already in place as we use Outlook Web Access and Outlook Mobile Accesss. We have our front-end servers load balanced and port 443 mapped through from the outside world.
Like its predecessor Windows Mobile 2003, WM 5.0 lacks a wide selection of trusted root certificates installed by default. If you’re using a non-maintream or self-issued certificate you’ll need to do a little extra configuration to get ActiveSync working over the air. With WM 2003 there was a tool to disable certificate checking but it’s not compatible with WM 5.0. Instead follow these instructions:
# In Internet Explorer go to your Outlook Web Access site and ensure your certificate is installed. To check the name of it you can double click on the padlock icon in the bottom right of the browser.
# Now in the Internet Options in IE go to the Content tab and click the Certificates button.
# Now go to the Trusted Root Certificate Authorities and find your certificate.
# Select the certificate and click on the Export button. Follow the wizard and select ‘DER Encoded Binary x.509′ when prompted.
# Choose a suitable file name and finish the wizard.
# You’ll now need to copy the exported certificate to your PocketPC device either via a memory card or by USB. Once it’s on your PPC simply tap it with the stylus and follow the prompts to install it.
With the certificate successfully installed you should be able to synchronise over the air.
|
And here is the comment that is specifically directed at fixing the GoDaddy / Starfield certificate problem:
Quote:
Aha! For those using Starfield (GoDaddy) issued certs, you must install the ValiCert root certificate. To download the ValiCert root follow the first 3 steps above to get to your installed certificates. Next view the certificate for your OWA server. Click the Issuer Statement button. You should be taken to a page with all sorts of ValiCert info and options. Near the bottom of the page is a CER file in DER format. Download and copy to your WM device. Install the cert by double-tapping in File Explorer or equivalent. That’s it!
This worked perfectly for me and I can now securely sync via ActiveSync over USB or OTA.
|
ActiveSync is now letting the SDA talk to the server. Mr. Google is All-Wise.