How do I use a SAN certificate on exchange 2007 to work with a windows mobile 6 device?

I am trying to create a Self Signed  SAN certificate to secure my exchange server 2007. I have a different internal and external domain. Bellow are the steps Im taking to create the certificate but when i view the  details the Subject Alternative Name has an exclamation mark against it, also when i try to import the certificate onto a windows mobile 6 device the certificate is being installed into the intermediate store rather than the trusted root which results in activesynch failing.

1)      I enter the following into  exchange powershell:

New-ExchangeCertificate -GenerateRequest:$true -Path c:\newCert.req -DomainName www.ExtDomain.com,Server.IntDomain.com,ExtFQDN -PrivateKeyExportable:$true -FriendlyName "Ads Exch07 Test" -IncludeAcceptedDomains:$false -Force:$true

2)      I paste the code from the req file into the Enterprise CA i have installed on windows server
                     2003 R2 and request a web certificate.
3)      I install the certificate that i download from the ca and cave it to c:\
4)      I run the bellow command to import the cert.
import-exchangecertificate -path c:\certnew.cer | enable-exchangecertificate -services smtp,iis,pop,imap

Like i said when i view the cert details i have an exclamation mark over the Subjet Alternative Name, also when i install it onto my WM6 Device it installs in the intermediate store not the trusted root.

Can anyone help?? Is my syntax incorrect
Start Free Trial