Thread: Apache WM6 Kitchen CE OS 5.2.1908 (Build 18508.0.7.0) 071117_1 Bugs/Patches
View Single Post
  #303 (permalink)  
Old 03-16-2008, 02:20 PM
bwonish's Avatar
bwonish
Lurker
Offline
 
Join Date: Mar 2008
Posts: 5
Reputation: 0
bwonish is a n00b
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Re: Apache WM6 Kitchen CE OS 5.2.1908 (Build 18508.0.7.0) 071117_1 Bugs/Patches
Direct Push - server certificate is wrong --

To confirm this bug: One of the biggest problems i initially had with upgrading to WM6 was that my email and contacts wouldn't connect with my company's exchange server or that direct push wouldn't connect. The problem is described as follows:

"That said, I'm having trouble getting my direct push to work again with my exchange server. We are using 2007 with a self-signed ssl cert. On wm5 I was able to use the registry changes along with importing the cert manually to make it work. With my new upgrade I am now getting the message "server cert is wrong". I was unable to find any real answer searching google and these forums. I have tried to manually import the cert and doing the registry change but I'm still running into the same problem.

To be more specific, without the registry change, I get a message stating the server is the wrong name, with the registry it just tells me the certificate is wrong. I have checked all date/time settings on both my server and my phone, both match exactly. I have full access to the exchange server and phone. Any ideas ? Are there any new registry tweaks that can be done ?"

I was able to fix this problem by importing a cert manually, without any tweaks, but it had to be done in the following way for mine to work (i will write this in the most basic explanation i can, so that hopefully everyone can follow):

1. Open Internet Explorer : Obtaining the certificate had to be through internet explorer, it wouldn't work through firefox or other browsers.
2. Go to your exchange.___.com email server for your company.
3. There should be a certificate symbol at the bottom right corner of your screen (the yellow/gold padlock). Double click it
4. click on the details tab.
5. Click on the "Copy to File..." button.
6. The Certificate Export Wizard should show up (or does for me). click next
7. I used the first format option DER, then click next.
8. give the certificate a name, save it to your computer
9. using activesync, just copy it over to the phone and from the phone, double click on it.

Most of this should be pretty straight forward, but when i first had this problem, i had problems getting a certificate that would work. My IT administrator sent me the official one off the server, but it wouldn't work. using the steps above, it works perfectly. I didn't have to use any registry changes at all, just finding the correct certificate fixed all the problems.

Hope this helps. Feel free to add any comments to this post or clean it up.
Reply With Quote