Exchange and Certificates


Last Updated:

  1. Wadester

    Wadester Well-Known Member This Topic's Starter

    Joined:
    Jun 14, 2010
    Messages:
    249
    Likes Received:
    21
    I have a Small Business 2008 Server at home with Exchange 2007 tied to my RoadRunner account. Setting up my new EVO to use Exchange a month ago was a breeze and I haven't had any problems with it until this morning.

    When I turned my phone on, I kept getting a trusted certificate error over and over. I am using a self-signed certificate on my server -- which I thought would give me a problem when I initially configured it, but it didn't. I was expecting to have to install the certificate manually.

    After a few minutes, the message went away and I started receiving mail again. I haven't done anything major on the phone that might cause that, like installing an update.

    Does anyone else use the same thing and ever experienced the same message?
     

    Advertisement
  2. Misbehavin'

    Misbehavin' Well-Known Member

    Joined:
    Jun 22, 2010
    Messages:
    107
    Likes Received:
    26
    When you turned it on, were you on a different WiFi network that you normally are by chance? I've used a self-signed certificate for our Exchange server, and had one instance where a certain WiFi network gave me issues for some odd reason. It's the only place that has happened, and it was at an open WiFi point at a hospital. I can only assume it had something to do with their firewall configuration, and maybe what they were blocking.

    Keeping that in mind, it's also possible that the ISP for the network you were on could have been doing something hokey that may have affected it momentarily.
     
  3. Wadester

    Wadester Well-Known Member This Topic's Starter

    Joined:
    Jun 14, 2010
    Messages:
    249
    Likes Received:
    21
    Well, I was at home which I've used before without issue. I don't even remember if the WiFi was even on this morning so I don't know if it was bugging out when connected via my internal network or Sprint's 3G. Good thought, tho.
     
  4. Misbehavin'

    Misbehavin' Well-Known Member

    Joined:
    Jun 22, 2010
    Messages:
    107
    Likes Received:
    26
    Aside from that one location, which was a repeatable event when I dropped by a few days later, I've had no issues. In your case, being that you normally connect there, I'd consider it a fluke unless it happens again.

    If it does happen again, I'd check your firewall logs. That might tell you a lot about what's going on and provide some valuable information. I'd love to have had the logs from the hospital's firewall to glance through. I'm also curious if there would have been any difference between the self-signed certificate vs. one from a known certificate authority. Wouldn't think so intially, but you never know with these sort of things.
     
  5. htcevolee

    htcevolee Well-Known Member

    Joined:
    Jun 10, 2010
    Messages:
    255
    Likes Received:
    56
    Maybe the phone and Exchange had to recreate the trust which is why it prompted. Im guessing the Self Signed Cert hasnt expired correct?
     
  6. Misbehavin'

    Misbehavin' Well-Known Member

    Joined:
    Jun 22, 2010
    Messages:
    107
    Likes Received:
    26
    It shouldn't have. I believe self-signed certificates have a valid lifespan of a year. That may vary for SBS2008 though, although I doubt it.
     
  7. ca92807

    ca92807 Member

    Joined:
    Jun 14, 2010
    Messages:
    7
    Likes Received:
    1
    Get a multiple domain certificate (UCC) from Godaddy for under $90/year. Exchange 2K7, especially when published behind ISA, really wants this and will give you all kinds of errors without it. It is a big pain to install the first time, but you can find lots of guides on-line.
     
  8. Lappie2010

    Lappie2010 Member

    Joined:
    Nov 18, 2009
    Messages:
    13
    Likes Received:
    1
    I also had the problem one time at a Denny's open network. I ended up removing the account and adding it back and still had the issue in that Denny's.

    It worked fine after I switched to the 3G network and it works fine on my private Wi-Fi networks.

    Therefore, I agree, I think that some secure networks must be firewalled in a way that doesnt allow that communication.
     
  9. Misbehavin'

    Misbehavin' Well-Known Member

    Joined:
    Jun 22, 2010
    Messages:
    107
    Likes Received:
    26
    Is 2K7 that much of a change in regards to self-signed certificates? I have Exchange 2K3 running behind ISA 2006 and haven't had an issue with a self-signed certificate. Well except for the hospital, but that had to be their network as it's worked in every other scenario without a hitch. I do want to move to Exchange 2K7, although I probably won't do it until it's time for new hardware.

    I do wish now I would have bought a wildcard certificate when I picked up the SSL for our webserver. Oh well, live and learn.

    That was my findings as well, once back on 3G everything was good. This also ruled in favor of it being their network.
     
  10. Wadester

    Wadester Well-Known Member This Topic's Starter

    Joined:
    Jun 14, 2010
    Messages:
    249
    Likes Received:
    21
    Correct... expires in 2/7/11
     
  11. Wadester

    Wadester Well-Known Member This Topic's Starter

    Joined:
    Jun 14, 2010
    Messages:
    249
    Likes Received:
    21
    Well now this is interesting... while sitting here at work, I noticed a new message on my EVO:

    Data Call Failure

    Error code 67. Registration
    failure. Your PCS Vision
    Username and/or Password may
    be incorrect. Please retry again.

    I made a phone calle, browsed the web and even got a new e-mail from my Exchange server. WTF is going on, I wonder?
     
  12. Misbehavin'

    Misbehavin' Well-Known Member

    Joined:
    Jun 22, 2010
    Messages:
    107
    Likes Received:
    26
    Would you have done something that would have tried to wireless tether, or accidently use the phone as a hotspot? That's usually the message you get when you try one of those things and don't have that package added to your plan.
     

Share This Page

Loading...