Pre complains about SSL certificate on the exchange server

Hello.  I just got a pre and tries to set up to communicate with an exchnage server.  Pre complains and will not set up the connection with this error message: «"SSL certificate error.» Is the date and time correct? ».  The date and time are correct, but the server is running a self signed certificate.  This causes no problems with iPhones that use a lot of people here.

How can I fix it?  It is not all parameters for this problem.

I spent the weekend trying to test and understand what was going on.  I found that if I nominated the e-mail server (name after HTTPS: / / in Setup) the same as the name of certificate displayed in the Certificate Manager (Launcher > Device Info > more info > Menu > Certificate Manager), the error should disappear.  The problem for me was that the name of cert in cert Manager was different from address of mail server (in my case server. [domain .local] instead of mail. ([Domain_name] .com).  The transformation it seems to use is:

(1) find the certificate...

(2) CN is HTTPS: / / in the installer?

(3) If no, use error 'Verify the certificate, date and time not correct' (or whatever it is) - If Yes, go to HTTPS: / /.

(4) Exchange requires safety pin?  If no, proceed to synchronize - if so, use error "unsupported of security policies.

So I looked more closely CERT and it held several common names (CN) for the cert.  It seems that ANY OTHER DEVICE can filter through the list of common names, and use the one that works.  The Pre uses only (whether first or last, I don't know).

So, there are two options for the certificate problem (I guess the 3rd is that you can return the phone):

FIRST SOLUTION

=====================

(1) check the name of cert in cert Manager.

(2) if it is a name that can be resolved DNS (i.e.  [mail]. [mywebsite]. [com]) then change this setting in your exchange installation program in the mail server field beside the HTTPS: / /.

This will only fix it if your COMPUTER administrator has with permissions on the used field.  It is possible that an alias is used on other areas

SECOND SOLUTION (as I have done)

=================================

(1) ensure that your Certification Authority is installed.  You can do it by clicking START > ADMINISTRATIVE TOOLS > CERTIFICATION AUTHORITY - OR - on a computer on your network using IE/Safari/Firefox and typing http://server/certsrv.  If the page is found, then you are installed, if not, then you will need to have installed.

NOTE: SBS 2003 WILL AWARD A CERT TO THE IIS WITHOUT THE ROOT CA.  THIS SEEMS TO BE THE PROBLEM WITH THE AUTO CERTS GENERATED I HAD

(2) If you have not installed it, go to this topic, it is well written to get step by step instructions how to install, create demand for cert, create the cert and install the cert (it took me about 30 min).   http://www.MSExchange.org/tutorials/SSL_Enabling_OWA_2003.html

NOTE: IF YOU ALREADY HAVE A CERT ON IIS, YOU NEED TO REMOVE IT AS IT IS "DEFECTIVE" CERT BEFORE YOU CAN REQUEST A NEW CERTIFICATE.  YOU MAY BE ABLE TO REINSTALL OVER THE NEW CERT, BUT I DON'T KNOW

(3) open https://mail.domain.com/exchange on your computer - display details of the cert and save the file on your desktop - if you are using a laptop, you can also install it on your laptop to use for use outside the Office (this is also a good back-up that you can use to get more later if needed again).

(4) plug your pre in USB mode.

(5) slide the cert and unplug the USB cable

(6) go to cert Manager

7) tap on the icon of "Sun" at the bottom left

(8) press on the new file cert that you save in USB mode

(9) to confirm that the new cert appears with the name of the correct mail server

10) go to the e-mail program and configure the exchange account

The above will create a REAL root cert (not IIS domain root Cert) that the Pre can work with.

Really, I don't know that how/why Palm overlooked this possibility because they claimed so-called does not want to sell to companies who need strict security requirements.  For me, it means a small / medium company that has limited IT supports (according to the needs, pay as you or green guy with limited knowledge).  Then, why they test the GER in this environment, I'm not sure.  I bet they were tested on their own network, which has all the correct methods, best practices for the management of cert.  I guess it's like the developers that they have offended and almost lost their support until turned it over and said: 'sorry, we really want make you programs for our platform WebOS. ".  We've just been paranoid for so long salivate us when the bell rings. "They just didn't beta test this well enough.  The sad result of this is that Sprint will have to address all of the sheets because this certificate simple reading process was given only minimal recognition capabilities.

But having said that - I'm now completely in love with my pre!

I'm happy to try to help if you need it.  I found a lot of the forum of solutions were not enough detailed, so do not hesitate to contact.

Tags: HP Tablets

Similar Questions

  • Help generate the SSL certificate for the Security Server

    Hi people,

    We have server (ss - 01.mydomain.local) security and connection server (cs - 01.mydomain.local). Now intend to install a certificate on the Security server. What should be the common name.

    our Web site is something like access.mydomain.local.

    Also, we plan to install SSL only on security for internet access server, this will affect the internal users, access to the connection to the server.

    Thanks and greetings

    J P Raj

    Take a look at the link below

    https://pubs.VMware.com/horizon-view-60/topic/com.VMware.ICbase/PDF/horizon-view-60-scenarios-SSL-certificates.PDF

    Internal users will not be affected when you install the Security server certificates

    Simply create a CSr file > get certificates and import them to the Security server in the MMC guide explains practically everything. If you already have certificates wildcard certificates, then you can follow the sub process

    (a) export the server certificates

    (1) to connect to the server that has certificates

    (2) for this server to export it to a PFX format certificate.

    (3) open the Microsoft MMC Certificates snap-in for the computer account.

    4) navigate to certificates (Local computer) > personal > certificates.

    (5) right-click on the signed certificate that is to be exported.

    6) click all tasks > export.

    (7) on the Welcome screen, click Next.

    8) click Yes, export the private key.

    (9) if it is an option, click on include all certificates in the certification path.

    (10) enter a password for the private key. This is required for the import certificates.

    (11) to enter a file name and location. For example, C:\certificates\certificate.pfx.

    12) click Next.

    13) click Finish.

    b) import it to the use of broker or planned connection securityr.

    Certificates of thye 1) import (preferable Pfx format) for the server broker or planned connection security.

    (2) open the Microsoft MMC Certificates snap-in for the computer account.

    3) navigate to certificates (Local computer) > personal > certificates.

    (4) right-click the certificates.

    5) click on Import.

    (6) through the pfx and click Next.

    (7) enter the certificate password.

    (8) select Mark keys as being exportable.

    9) click Next.

    10) click Finish.

    (c) restart Consulting Services

    To restart the services:

    Log in as an administrator on the server that is running the Server VMware View connection server VMware View connection or VMware View Server Security.

    Click Start > run, type services.msc and press ENTER.

    In the list of services, right-click on the VMware View connection Server or VMware View Server Security service.

    Click on restart and wait for service to stop and start.

  • SSL certificate for the Security Server external facing

    Dear all,

    Today, I bought an external SSL certificate of DigitCert for our security server. I imported the certificates in the personal certificate (computer account) on the Security Server store. DigiCert provided three certificates, root CA, CA server and the other with the name of our domain. I renamed the vdm to the friendly name of the existing self-signed certificate and used the friendly name for the certificate vdm has our domain name. Subsequently, I rebooted consulting on the Security server. They are all released on except the "Display Blast Secure Gateway" service which entered the suspended state.

    On our facility, we have a connection to the server and a security server. To the Security Server, we use a different domain name for connecting to the server. We have an internal PKI and the connection to the server uses an SSL certificate.

    connection to the server = server01.internaldomain.com

    Security Server = server02.externaldomain.com

    Why the certificate cannot be loaded to view Blast Secure Gateway? I missed something?

    Thank you

    Edy

    I solved it. It was with the private key of the certificate. This is the reason that the Blast Secure Gateway could not load.

  • Setting the SSL certificate for the web user interface

    How can I configure the SSL certificate for the management of a SG300 interface? I don't seem to find the configuration option in the web gui?

    Hello Dirk,.

    For import / create / modify h99350 ssl please go to ' ' security > SSL server > SSL server authentication settings.

    HTTPS is enabled by default.

    Thank you and best regards,

    Siva

  • SSL certificates on the desktop HTML access

    I am configuring access HTML and try to correctly configure SSL certificates on the VDI desktops in a linked Clone pool.  Documentation, VMware wants us to install a unique certificate for each desktop computer that will be a pain and from what I see, is impossible.  Does anyone have an easy solution for this?  The main problem that I notice, is that the IP Office address is what actually shows in the URL.  How an appropriate certificate can be created with a DHCP address he will change all the time?  Any guidance will be appreciated.

    Connect via a connection or a security server the value "use secure gateway" for HTML.  Only cert is the entry door.

  • Update the SSL certificate on a security server?

    Good afternoon everyone,

    I'm trying to update the SSL certificate on the server of our security, but I'm running into some problems.

    DigiCert (we get our certs of), not like the VMWare KB article order to request a 2048-bit crt, so we used their tool to generate our a commandsfor us:

    keytool - genkey-server alias - keyalg RSA - keysize 2048, FULL domain name -.jks keystore - dname 'CN = CNNAME, OR = OUNAME, O = ONAME, L = NAME, ST = STNAME, C = CNAME'

    keytool-certreq alias server-file FQDN.csr - FULL.jks domain name

    (I did not show the exact details of the CN name, etc.)

    It makes the keystore a .jks instead of a .p12

    Should this cause problems?


    Because after I imported the cert in the keystore, change the config locked file to reference the key file and restart the Server Security Service, it does not restart properly. (Defining the locked towards the old works fine keystore file, then restarting the service works find though.)

    This documented error in Event Viewer:

    Not able to create the com.vmware.vdi.ice.server.JMXServer.main(SourceFile:211) MBean server
    javax.management.MBeanException: Exception thrown in the startServer operation
    at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:435)
    at com.sun.jmx.mbeanserver.MetaDataImpl.invoke(MetaDataImpl.java:220)
    at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:815)
    at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:784)
    at com.vmware.vdi.ice.server.JMXServer.main(SourceFile:209)
    at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at net.propero.workspace.windowsinfrastructure.tunnelservice.TunnelService.run(SourceFile:34)
    at java.lang.Thread.run(Thread.java:595)
    Caused by: java.lang.Exception: ice beginning: null
    at com.vmware.vdi.ice.server.Ice.startServer(SourceFile:695)
    at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at com.sun.jmx.mbeanserver.StandardMetaDataImpl.invoke(StandardMetaDataImpl.java:414)

    Should I request/pay for a new cert so my base keystore is .p12 instead of .jks?

    Hello

    I think that the command you mentioned creating a CSR only. You get a digicert certificate after sending this rea and create a keystore with whom?

    Please follow the steps in this KB to complete the whole process.

    http://KB.VMware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalID=1008705

    -noble

  • Exchange server and Surface RT, can I use Mail app to connect to the Exchange Server for email (the same question is for contacts or people and calendar)?

    Hello

    Our company uses an Exchange Server for email, contacts and calendar.

    Can I use Mail app to connect to the Exchange Server for email (the same question is for contacts or people and calendar)?

    Kind regards

    Matej

    You must install the SSL certificate before connect you to the Regional service, the easiest way is to go to "desktop" IE10 open, go to the exchange server web access page, click on the notification of "certificate error" red and view / install the store "certificate authorities roots of trust." Then, make sure that your surface RT complies with the minimum requirements of security then connect to the exchange via the mail application server.

  • BlackBerry blackBerry 10 does not receive the emails from the exchange server

    Hello

    We have the problem that peripheral Blackberry doesn't synchronize with the server exchange since last week. This is valid for two (classic / Z30) among the four devices, the other ones (classic / Z10) are functioning normally. All have the 10.3.2.2474 version.

    I rebooted the unit and removed and rebuilt the e-mail account on the BB, but it doesn't help. Account settings are ok (no messages during installation). The device connects to the exchange server (for example, I can see the account's e-mail records in the options) and I can also send mails. But I don't get e-mails, calendar items, contacts, etc.

    Any ideas?

    Thank you

    Axel

    Hello

    I'm not 100% sure, but I think that there is a restart due to the update of the BONE last week. I don't know if this has coincided with the problem.

    I reloaded the OS yesterday via the LINK. It seemed to me that does not solve the problem because I have not yet received mail for a while. However, this morning the mails were back.

  • Configuration for the Exchange Server issue

    I have a question on an Exchange Server, I noticed that one of my Exchange servers has 4 partitions spanning 2 hard drives and a parition of M which is 55GO, but that does not appear in disk management. M partition contains the domain folder, the mailbox databases are on the D: drive. How will I know how much I really voicemails of disk space? And this configuration is supported?

    Chris

    The "M" 'virtual' drive that resides on Exchange (55 additional GB, its representation is not just messages of real exchange located on who will drive you have configured for the mail store).

    Another pattern on this drive "M":

    The default for this reader is the reader of 'm', but if you manually created a "M" drive before installing Exchange will change to another drive available. It is now recommended to 'disable' this disc.

    Run the "Best Practices Analyzer Tool" on the Exchange Server and it will find any question you should change. To turn off virtual drive is one he'll find and indicate what registry entry to change:

    http://www.Microsoft.com/technet/prodtechnol/exchange/downloads/2003/analyzers/default.mspx

  • What everyone uses for an SSL certificate on the wireless controller?

    If I use the SSL certificate generated locally on my WLC Internet Explorer always shows the "untrusted cert alert" when users try to authenticate through the web interface. What can I do to fix this do I need to buy a cert? If so where is the best and the best place to do this? GoDaddy? Also, I bought one for my mail server and had set a domain during the process name. What should I use for my WLC? The URL during the authentication process web show https://1.1.1.1

    RapidSSL is your best bet. It is less than $90 for 1 year with renewal and insurance. 5 years is like $ 380. GoDaddy will not work because they use chained certificates.

    On the VIP, you enter the DNS domain name as what you used on the certificate CN when generating a csr. Of course, you have to solve the CN name to 1.1.1.1 or change the 1.1.1.1 to another ip address that is not on your network. Restart the wlc and your done.

  • ODSEE 11 g and SSL certificate on the cascade replication topology

    Hi all

    I try to activate SSL on the replication topology cascade Department 11g with 4 cases including 1 hub.

    Can I use a multi server SSL certificate to spread on all servers?

    Any tips?

    Thanks in advance.


    Eugene

    Hello Eugene,

    Yes, it should work.

    Either ask a multiple server of your CA certificate and import it on Department via PKCS12

    or generate a CSR with a subjectAltName with certutil.

    If I remember correctly, add another name of subject certificate is possible on the side this even if it is not present in the request of cert,.

    -Sylvain

    ------

    Please check the response as useful or correct when it is appropriate to make it easier for others to find

  • Impossible to recover the Exchange Server Email Message through workflow vRO "retrieve messages (via MailClient).

    Hello

    I'm recovering emails from my email to the Inbox of Microsoft Exchange Server.

    I tried with integrated workflows 'retrieve messages (via MailClient)"located under the Library/Mail. But I got the error message "connection failed" when running the threshold of this workflow.

    myMailClient.connect (mail server, mailPort, mailUsername, mailPassword);

    I use the pop3 Protocol and port 143. Please see screenshot below. Although I am able to send the email successfully through workflow 'sent the notification' in the library/mail folder.

    I also tried with "imap" Protocol and port 25. It was also not working. I don't know why it doesn't work? Won't do anything in the input values?

    Please help me.

    MailError.pngt

    Thank you

    Miloud

    The problem is resolved after you import the SSL certificate for devices.

  • Missing an account e-mail coincides with the move of the VM of the Exchange Server

    Coinciding with a move to Exchange VM from one host to another, email before a certain date disappeared for a single account (about 40). It was restored from tape, but we are looking for a reason why it happened. This employee had left, two users have full access to the mailbox and to use it actively. We found nothing conclusive on the Exchange / Outlook end. is there a risk of data loss when you move a virtual machine and where I'd look for (log file) an explanation?

    Thank you

    To be honest, I don't think that the issue is with the migration - me smells like one of users accessing mail is manually moved mail out of the mailbox or put on automatic archiving - IMO if we he realized the entire mailbox migration corrupt would not be of a specific date and not just a single mailbox.

  • SQL 2008 R2 SBS install on the exchange server or it's own dedicated server?

    I have a client that is running a SBS2008 R2 server standard with SQL Express running on it and they need SQLSvrforSB 2008R2 sing Lang, my question is this SQL running on the current server that runs as their main domain server (Exchange/sharing etc.) or does it must be on its own server what is the specification of the server;

    HP Proliant ML350 G6

    Intel Quad Core Xeon 2.0 ghz

    3 x 450 GB SAS 15 k hard drives (6 bays)

    20 GB DDR SDRAM

    Thank you very much

    Hi kevinhuby,

    Your question of Windows 7 is more complex than what is generally answered in the Microsoft Answers forums. It is better suited for the IT Pro TechNetpublic. Please post your question in the forum of TechNet .
    http://social.technet.Microsoft.com/forums/en-us/category/SQLServer

  • Palm pre more (Verizon) does not connect to the Exchange Server

    I've been on the phone for 3 days (bought the Verizon Pre the day it came out) and couldn't connect to my companys mail server. I had a Palm Treo 755 for years and have always got my email to that. After days of talk with representatives of the Palm, I am told that no. Verizon Pre is able to connect to a server to exchange corp at this time. I'm quite upset hereby, since after listening to a Council of representatives of Palm, I've had a computer scientist to ensure that our server was updated, we had the correct certificates, etc. This of course took hours to complete, and the person of COMPUTING time is not cheap. So afte spend all that time and money dealing with this, I learned today by a supervisor at Palm that ANYBODY on Verizons network is able to connect to their mail corp server and that it was an issue that is discussed in.

    I searched the forums and found a lot of this Sprint service problems, but didn't find any with Verizon. Anyone else out there on Verizon and unable to connect? Or maybe the better question is, someone out there have a pre with Verizon and IS able to connect to their server Exchange (EAS)?

    Correction to my last post. After doing a reset on my phone and update of our server, I was able to connect to my email. Thank you for your comments update to SP2. Overall, I am still very upset over the phone support provided Palm. As I mentioned before, I brought to the SP2 SP1 vs option several times by phone and I said whenever it was not the question. Even my computer, have fought a little, to get this update since that he had heard the same information I did representatives of the Palm on the phone. After you have created an account on here and PDAguy pointing me to the long thread about people having a similar problem, I showed it to our it guy and he has fortunately upgraded our server to SP2.

    I'm happy to get this issue resolved, but feel still Palm mislead me along the way, probably cost me over $ 400 in IT supports, lost my time and traveling in a Verizon store to swap a perfectly good phone and I try the different options which should not be fooled. I did 3 different calls to Palm (with my COMPUTER technician who has been paid by the hour) and each call lasts about 1 to 1-1/2 hrs. Most of the current time on hold any 'research' rep my question.  Even had a representative on the phone to me lie and tell me that he was able to connect to our server (using my info) with a meadow he had with him. He told me so I had a defective phone, and I was directed to return to Verizon to switch the phone outside. After I had passed the phone out, and of course, it doesn't work, I was then told by another representative of Palm and his superior that it was a known issue and that person is with Verizon was able to connect to a server (with a pre) because of a software problem on the phone. I got a refund from Verizon to get this phone for $149, but with all my time lost, the cost of my computer and the lack of knowledge by representatives of Palm, I think I have probably the most expensive Palm Pre Plus there.

    Message edited by tjp2176 on 01/28/2010 20:03

Maybe you are looking for

  • 5 Ghz wlan connection possible with s ZTE?

    I run Firefox OS 1.3 and can not detect the 5 Ghz LAN wireless home.

  • 24 b017c: 24 - b017c dual boot with Win7 possible?

    The b017c is capable of running WIN7 pro in anyway shape? I really need to do a system dual boot with WIN7 If Yes.  WIN10 is not be nice to some specific software Attorney that I need to have to work for a client. Win7 is the latest OS, this software

  • Please remove my accout

    Please delete my Skype account!

  • Systems running on separate drives, a single machine

    Mac Pro MacPro3, 1Quad-Core Intel Xeon 2.8 GHz. Have currently the system drive running 10.5.8. Now, I wouldn't let it go. I have 3 other sata drives which I bought just formatted and save your work for them. I would like to know if I can install for

  • Equium A60 does not recognize the USB webcam

    I just bought a creative vista more webcam and tried to install it on my laptop Equium A60, the software is installed properly and everything but when I connected the webcam to the usb port my laptop didn't recognize it.I tried to uninstall and reins