Results 1 to 18 of 18
  1.    #1  
    Hello,

    My company recently converted from Lotus Notes to Exchange 2007, and they are piloting the use of ActiveSync. Since it is a pilot program, they aren't giving much in the way of support.

    My account has been setup for Activesync, however, each time I try to sync, I am getting an error regarding an expired SSL Certificate on my device (Palm 755p with Versamail 4.0.1). After a couple of weeks of researching, I found various methods for extracting the SSL Certificates our OWA site uses, including the use of the SSL Chain Saver utility:
    http://www.microsoft.com/downloads/d...DisplayLang=en

    I have also tried going to my OWA site from outside our network, and manually saving/exporting the certificates in DER form, as recommended.

    I then imported these SSL Certificates with Palms CertMod tool:
    http://www.palm.com/us/support/downl...rtmodtool.html

    It seems every which way I try to save the SSL certificates and import them, I am still getting the same error message, including when I navigate to the OWA site using Palms Blazer web browser.
    Again, since this is in "pilot" mode at my company, our Exchange team has shut the door on support. I think the final straw was when I asked if they could give me the SSL Certificate, straight from the source. Very frustrating...

    The certificates seem to reference our OWA site by the exact URL, so I think I am close

    I appreciate your time. - John
  2. tpoon's Avatar
    Posts
    21 Posts
    Global Posts
    73 Global Posts
    #2  
    John, if you're service provider is either Verizon or Sprint, please ck the following:

    For instructions for Windows Pocket PC/SmartPhone devices on VERIZON click here:

    * http://www.microsoft.com/downloads/d...displaylang=en


    For instructions for Windows Pocket PC/SmartPhone devices on SPRINT click here:

    * http://www.microsoft.com/downloads/d...DisplayLang=en

    Hopefully this helps.
    Using FREE ActiveSync hosted by TheMessageCenter.com
  3.    #3  
    Quote Originally Posted by tpoon View Post
    John, if you're service provider is either Verizon or Sprint, please ck the following:

    For instructions for Windows Pocket PC/SmartPhone devices on VERIZON click here:

    * http://www.microsoft.com/downloads/d...displaylang=en


    For instructions for Windows Pocket PC/SmartPhone devices on SPRINT click here:

    * http://www.microsoft.com/downloads/d...DisplayLang=en

    Hopefully this helps.

    Thanks, I appreciate the information. Unfortunately, my 755p is Palm OS, not Windows Mobile
  4. #4  
    all you have to do is de-select the ssl option in versamail and use port 80. This does get rid of encryption for your phone but you really don't need it. Plus depending on if its a self signed certificate that our company uses also depicts if it will even work with your phone. Just remove the ssl option under the advanced tab in versamail and it will work just fine.

    If your cert allows you to add it to versamail I would be more then happy to explain all the steps. (but it has been a while since I got that to work and I have never gotten it to work on exchange 07 but Im willing to help)
  5.    #5  
    Quote Originally Posted by syphex View Post
    all you have to do is de-select the ssl option in versamail and use port 80. This does get rid of encryption for your phone but you really don't need it. Plus depending on if its a self signed certificate that our company uses also depicts if it will even work with your phone. Just remove the ssl option under the advanced tab in versamail and it will work just fine.

    If your cert allows you to add it to versamail I would be more then happy to explain all the steps. (but it has been a while since I got that to work and I have never gotten it to work on exchange 07 but Im willing to help)
    Thanks. I tried deselecting the SSL option, but now I am getting a different security error ("There was a problem with syncing. The server did not let you make a connection. Check the network security settings and try again"). I am assuming our Exchange team has required SSL. I appreciate any additional steps you may have. Thanks again
  6. #6  
    Did you catch the "use port 80" part as well in syphex's post?
    If you found my post useful then please sign up for a Dropbox Account, I could use the extra 250mb of storage.

    HOW TO: Zip/Unzip via Pre/Pixi using Terminal
    HOW TO: Modify DTMF audio (webOS 1.4.5 or earlier)
    Palm Pre wallpapers
  7.    #7  
    Quote Originally Posted by NachoB View Post
    Did you catch the "use port 80" part as well in syphex's post?
    Yes, forgot to mention that. In fact, unselecting SSL defaults my setting to port 80. Thx
  8. #8  
    hmm thats weird that it wouldn't allow you to use port 80.. even with 128bit ssl required shouldn't affect the phone. I am syncing to a exchange 2007 server that also has that option checked and I can sync on port 80.

    Is your company using a self signed certificate for that server? If not who is the ssl cert from?

    Also make sure that your have the centro update for versamail and you are not using the stock version that comes with the phone. www.palm.com/versamail407
    This version even though it says its for the centro has been tested by many people on the 755 and it works great.
  9. tpoon's Avatar
    Posts
    21 Posts
    Global Posts
    73 Global Posts
    #9  
    If 80 is not working, then where do the ssl certs originate from? Is there an administrator who can assist you with this?
    Using FREE ActiveSync hosted by TheMessageCenter.com
  10. #10  
    Quote and a quote, haha.

    Quote Originally Posted by tpoon View Post
    If 80 is not working, then where do the ssl certs originate from? Is there an administrator who can assist you with this?
    Quote Originally Posted by jpiden View Post
    Again, since this is in "pilot" mode at my company, our Exchange team has shut the door on support. I think the final straw was when I asked if they could give me the SSL Certificate, straight from the source. Very frustrating...
    If you found my post useful then please sign up for a Dropbox Account, I could use the extra 250mb of storage.

    HOW TO: Zip/Unzip via Pre/Pixi using Terminal
    HOW TO: Modify DTMF audio (webOS 1.4.5 or earlier)
    Palm Pre wallpapers
  11.    #11  
    Yeah, I have been around and around with our Exchange admins, but since activesync is in a 'pilot' stage at my company, they aren't offering any additional support beyond some basic steps of configuration.

    The SSL certificate looks to be issued by VeriSign, Inc, so I am not sure if this is something they created custom using VeriSign software. I am using Sprint Mobile Email Work as a work around for now, but I dont like having to keep the redirection software running on a seperate PC.
  12. #12  
    Okay a couple of things to pay attention to. Being a exchange server 2007 you have some extra stuff that might get in the way of activesync working properly. Please check to see if you have forms enabled on your server. You check this by going to your OWA site and if it prompts you with a popup box asking for your username/password then it is not enabled and thats good. If you just get a yellow looking outlook web access screen then you have forms enabled. In my experience if you have forms based authentication enabled versamail doesn't seem to work.

    Verisign is a root authority certificate so you really shouldn't even have to fool with it. Verisign should work by default.

    Let me know what your owa access looks like and Im may be able to help further.

    UPDATE:
    Actually in exchange 2007 OWA has a blue page not yellow.
    Last edited by syphex; 11/19/2008 at 04:13 PM.
  13.    #13  
    I think the complicated way we have to log into OWA from outside our network may be contributing. If I am inside our network (and use the URL below) I get the blue login screen for OWA 2007. If I am outside our network, I actually have to login using a little key fob with 6 digits that rotate every minute, THEN I get to the Blue login screen.

    mailbox.mdanderson.org

    I work at a pretty large healthcare organization (18,000 employees) and I am one of about 600 I/T professionals who work there. I am pretty sure our exchange folks will keep me at arms length regarding they way the configured OWA, given their response so far.
  14. #14  
    It looks to me as if their login process is most likely causing your issue. They might have outside access blocked somehow. Ive never seen a setup like that before but I can see the reason for it. I would suggest using Chatter for your mail. That way you can test to see if the owa setup is whats blocking your access. Chatter uses owa instead of the traditional activesync to sync your mail.

    Dns had to be configured to point to either the edge server or the backend server address. If you have another component in front of that address I would bet thats whats blocking your access.
  15.    #15  
    Thanks for everyones feedback.

    One of my coworkers was able to get his WM Palm to work with our activesync, but i believe the certificate auto pushed to his device (or he already had a valid one).

    I took syphex's advice and downloaded a trial of Chattermail. I used it to hook up to our IMAP server and so far have been very happy with it. Since our server supports IMAP IDLE, its basically like I am getting push, realtime email. I'll still keep my eyes open, as I have this issue posted on a couple other sites, and let everyone know if I find the SSL resolution.
  16. #16  
    I'm having similar trouble on my 700p.

    I keep getting the expired error.

    We have our own certificate and the really weird thing is that I was able to use active sync for about 1 1/2 days before I suddenly started getting the error - right in the middle of the second day.

    Any thoughts on what would cause the change? The error message tells me to check the date/time on my device but there's no problem there.
  17.    #17  
    Quote Originally Posted by MaxGator View Post
    I'm having similar trouble on my 700p.

    I keep getting the expired error.

    We have our own certificate and the really weird thing is that I was able to use active sync for about 1 1/2 days before I suddenly started getting the error - right in the middle of the second day.

    Any thoughts on what would cause the change? The error message tells me to check the date/time on my device but there's no problem there.
    Yeah, thats exactly the message I get as well. I still haven't found a resolution, so I have been using Sprint Mobile Email 'Work', which includes a redirector I have installed on my desktop at work. I found that Chattermail was running down my battery pretty quickly, since it has a realtime connection with IMAP Idle. Sprint Email works, but I'd rather not have to depend on this application running to keep me connected to my emails.
  18. #18  
    hey guys I'm having SSL trouble too ever since our network team replaced the certificate on the server on Monday. Here is the error I am getting on the Treo:

    "There was a problem with syncing. The server cannot confirm this device is yours (unable to recognize your SSL certificate). Check the dat

    AirSAMStateMachine.c1913 14724 "

    Have you found anything else about how to resolve?

    Thanks much - what a PITA!

Posting Permissions