Self signed certs sync issue, WM5 + SBS2003

Let me dog pile on this one too!

SBS2003 using self signed certs. WM5 device on the WLAN trying to sync with
the exchange server. Sync works fine until SSL is enabled.

1) At first I got "0x80072f17" which means it didn't like my server's
certificate. I tried to disable cert checking in the registry
(HKCU\Software\Microsoft\Activesync\Partners\Secur e , DWORD value of 0) and
that didn't do it so...

2) I exported my personal cert from my PC that was issued by my sbs2003
server. (Issued to my name, Issued by my current domain, valid expieration
date, with the intended purposes of EFS, Secure Email, and Client
Authentication) and imported that into my WM5 device. It showed up in the
certs window. I did a soft reboot, removed the server from activesync, soft
reboot again, synced and this time I got a different error, 0x80072F0D,
saying that my cert is invalid.



....

So, how do I make a valid certificate and get it out there so I can sync
using SSL?

Check out http://cert.startcom.org/. You will be able to create signed
certificates for your Exchange server. The catch is that the root
certificate needs to be installed onto your WM5 device. Luckily, you
can download one from them to install on your device. (I found that I
needed to rename the file extension from .der to .cer in order to
install it.)

-jpmahala


"Rosewood" <> wrote in message
news:Or54C1#:

> Let me dog pile on this one too!
>
> SBS2003 using self signed certs. WM5 device on the WLAN trying to sync with
> the exchange server. Sync works fine until SSL is enabled.
>
> 1) At first I got "0x80072f17" which means it didn't like my server's
> certificate. I tried to disable cert checking in the registry
> (HKCU\Software\Microsoft\Activesync\Partners\Secur e , DWORD value of 0) and
> that didn't do it so...
>
> 2) I exported my personal cert from my PC that was issued by my sbs2003
> server. (Issued to my name, Issued by my current domain, valid expieration
> date, with the intended purposes of EFS, Secure Email, and Client
> Authentication) and imported that into my WM5 device. It showed up in the
> certs window. I did a soft reboot, removed the server from activesync, soft
> reboot again, synced and this time I got a different error, 0x80072F0D,
> saying that my cert is invalid.
>
>
>
> ...
>
> So, how do I make a valid certificate and get it out there so I can sync
> using SSL?

1) Thank you John for your reply

2) I went to our server's secure site in IE on a computer that didn't have
the certificate already. I installed the certificate then used the mmc
certs tool to export it. I then exported into my WM5 device. At that point
I could go to the server's secure site w/o cert prompt.

3) Cleared old AS settings and soft reset.

4) Setup server to use SSL and away it went.


"Rosewood" <> wrote in message
news:Or54C1%...
> Let me dog pile on this one too!
>
> SBS2003 using self signed certs. WM5 device on the WLAN trying to sync
> with the exchange server. Sync works fine until SSL is enabled.
>
> 1) At first I got "0x80072f17" which means it didn't like my server's
> certificate. I tried to disable cert checking in the registry
> (HKCU\Software\Microsoft\Activesync\Partners\Secur e , DWORD value of 0)
> and that didn't do it so...
>
> 2) I exported my personal cert from my PC that was issued by my sbs2003
> server. (Issued to my name, Issued by my current domain, valid
> expieration date, with the intended purposes of EFS, Secure Email, and
> Client Authentication) and imported that into my WM5 device. It showed up
> in the certs window. I did a soft reboot, removed the server from
> activesync, soft reboot again, synced and this time I got a different
> error, 0x80072F0D, saying that my cert is invalid.
>
>
>
> ...
>
> So, how do I make a valid certificate and get it out there so I can sync
> using SSL?
>