Thread: Sync Windows Mobile 6.1 with Exchange Server
View Single Post
  #24 (permalink)  
Old 01-30-2009, 12:33 AM
nttdemented's Avatar
nttdemented
Regular 'Geeker
Offline
Location: Dorado, Puerto Rico
  
Join Date: Oct 2008
Posts: 440
Reputation: 345
nttdemented is becoming a PPCGeeks regularnttdemented is becoming a PPCGeeks regularnttdemented is becoming a PPCGeeks regularnttdemented is becoming a PPCGeeks regular
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Re: Sync Windows Mobile 6.1 with Exchange Server
Quote:
Originally Posted by rileyd5 View Post
I had several issues with exchange sync errors with my company. I finally figured it out myself using this information. If this has been covered, my apologies but I wanted to get this out anyway. Essentially just installing the root certificate wasn't enough for me. I ended up installing certificates to the intermediate level as well and finally starting connecting properly. It has worked flawlessly for months now. Here is the article on how to get certificates and install them. the key is to grab all the certificates meaning grab not just the root level cert but the ones above it as well (you will see this after reading the article). they will install to the intermediate level. good luck.

this allowed me to install two more certificates to the intermediate level rather than just the root level.
http://www.confusedamused.com/notebook/installing-windows-mobile-60-root-certificates/
Actually the ONLY certificate you need to install to the phone is the one that trusts the provider of the root certificate. No need to install the root certificate itself on your phone prior to configuring active sync with your exchange server.

For example, if you buy your certificate from Network Solutions the only cert that the phone needs is the .cer issued by: "UTN-USERFirst-Hardware". After that just setup active sync on your phone normally and it will request your domain's root certificate from the exchange certificate and advise that the server is going to apply security policies on your phone and presto! If you think about if from an administrative perspective this makes total sense as this certificate adds the trust zone for your third party certificate provider wich will be valid for a very long time (mine is valid until 2019). That way when you update your certificate anually on your IIS server there is no need to send new certificates to the phones, they will automatically acquire the new certificate from the server once it's available, as long as you renewed the certificate with the same third party provider.
__________________
nTT ROM v2.0D
Reply With Quote