Question : Installing a root certificate on cell phone for EAS

Experts, I apologize for the length of the question. I wanted to give as much information as possible which included going through a step by step process for importing the certificate.

OK. I have an HTC Touch Pro with Windows 6.1 and am trying to sync to Exchange Server 2003. After a long question, an expert narrowed the problem down to a security certificate.

I have a commercial certificate which I purchased from RapidSSL on Exchange. It works fine, and I am able to access OMA from inside the network and outside the network. The certificate is issued by Equifax and is Equifax Secure Global eBusiness CA-1. Not sure if you need the whole name.

The default root certificates will not work, so I RapidSSL gave me one for the root directory on the phone. I was having difficulty installing it, but finally used Mestha's site to install it. I was able to install two certificates (I have tried multiple times) but they do not work.

I have tried using the certificate which RapidSSL gave me yesterday specifically for the phone, and I tried using the certificate which I have on the server. I was successful using Methsa's method, but there were a few steps where I could have gone wrong and, given all the variables, it would be easier to narrow it down. So, I will go through the steps where there seemed to be more than one option.

1. I created the basic XML file in notepad. That was no problem.

2. I then opened the certificate (most tries were with the code/certificate given to me yesterday which is different than Exchange's certificate and clicked on Details.

3. Highlighted thumbprint, copied the contents to a notepad, deleted the spaces, and then copied the numbers and characters into the first file replacing the "thumbprint of certificate" (I left the quotes) This left me:

4 I then opened a fresh notepad document and dragged and dropped the certificate file into it.

5. As instructed, I copied everything between ---BEGIN CERTIFICATE--- and ---END CERTIFICATE--- and pasted it into the original xml file in place of the entry "certificate hash" (leaving the quotes)

This is a spot where I have a couple of questions and want to make sure I am not doing something wrong in this step. First, when I made the original .cer files by copying the large amount of characters given to me (not sure what that is called -- code or whatever?), I copied the entire certificate INCLUDING the Begin Certificate and End Certificate and hyphens. That must have been correct as the certificate worked. But, here I did not copy them as I understood the directions to not copy them. Just want to make sure that is correct.

ALSO and this is key, when I pasted the contents into the original file as in number five above, I get a result. But, I am not sure if it is supposed to look exactly as the one on the site, e.g. should it start with
6. I then renamed this file _setup.xml and put it on my C: drive. I then opened a command prompt, changed to the C:\ directory and entered the command as instructed. This produced a .cab file.

7. I copied the .cab file into ActiveSync's Explorer which of course moved the file to the phone. I browsed to the cab file and tapped it. It asked for permission to import it, I said yes, and it imported. It was then in the root certificate directory on the phone and was an Equifax certificate and I tried a sync.

It did NOT work! gggrrr. Very frustrating, but I am trying, and I must be getting close.

To be completely accurate, the error number on the phone is 0x85030027. The result reads,

The Microsoft Exchange Server requires a PERSONAL certificate to log on. Please obtain a certificate as directed by your corporation or service provider. (All caps for personal by me -- just want to differentiate from intermediate or root).

So, while I would think it should be a root certificate, do I really need a personal certificate?

Thanks.

Bert

Answer : Installing a root certificate on cell phone for EAS

Hi,

Don't go for lenghty process. just try a short workaround. this was successful in my case
Open your IE and browse your OWA site. Note down the security certificate issuing authority.
Open IE > tools > InternetOptions > Contents > Certificates > Trusted Root Certificate authorities
Select your noted certificate. and export it.
.Copy this exported certificate into device using any method. Blue tooth or using usb cable
"Tap "Start", "Programs" and "File Explorer".
"Tap the Certificate File that you want to import. (Note: File Explorer does not show extensions, so make sure you select the correct file, for example by checking the file size).
"The certificate(s) included in the file are imported: "One ore more certificate were installed successfully.". If an equivalent certificate (i.e. with the same name) already exists on your Windows Mobile device, it will be silently overwritten. So make sure you tap the correct certificate file.
Check in certificates that imported successfully. and try now

Random Solutions

Get each sheet in a workbook into seperate new workbooks and save as the sheet name.

Microsoft Outlook 2003 cannot open!

e-mail form data using SMTP on Exchange

What Has Happened to the Windows Boot?

Disable most MS Desktop Search features except for Outlook 07 integration

trendmicro serverprotect antivirus strategy

Allocating memory to increase performance in PhotoShop and Illustrator

An error occurred processing your Junk E-mail lists. You are over the size limit allowed on the server. Contact your server administrator.

ATI TV tuner and Vista

ASP.Net AJAX Client Framework failed to load.