Solved

SSL with OMA.. why SSL.. how to check SSL how to disable SSL

Posted on 2006-11-07
11
1,010 Views
Last Modified: 2007-12-19
Hi everyone.. I think everyone knows at the moment i have a problem with OMA in SBS 2003 :)

can i check with people re: SSL. I have not done anything like this with SSL.. on our web team when working with websites.. ive had no involvement.

I have had what i believe to be some ssl errors (POSSIBLY!)

1. How do you check that the SSL certificate is working and not incorrect (I have done a restore to get this server cert back). I.E. valid in the world

2. How do i disable SSL for testing purposes .. So that i can test OMA without SSL .. I have checked the Virtual Directory properties and NON have SSL ticked. But from other posts I know that this DOES NOT mean that it is not on.. Please confirm

3. How do you install a certificate on a windows mobile 5 device?

Many Thanks people.. hopefully this will help me troubleshoot and if nothing else,,,, will help me switch off and test without SSL.

many thanks

Romolo
0
Comment
Question by:roycasella
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 3
11 Comments
 
LVL 21

Expert Comment

by:suppsaws
ID: 17887857
Hi roycasella,

Please put you questions in the same post if possible ... You already started 3 posts on the same issue .... .
about ssl and the cert.
Please rerun the CEICW again:
http://www.12c4pc.com/sbs2k3/sbs2k3-n2.htm
make sure your cert points to the external fqdn of you server, eg  sbs.yourdomain.com

please don't change the ssl settings in IIS, you will only make things worse that way.

Cheers!
0
 
LVL 7

Author Comment

by:roycasella
ID: 17887998
OK..

I believe I have installed the SSL on the mobile device now..

I exported from PC and installed.

now it tells me i have not got permission to sync this test account.

ill look over setup of OMA again.

If I have a virgin mobile NO EMAIL for testing and i sync MD's email.. will it remove anything from the mailbox?

Thanks

Romolo
0
 
LVL 21

Expert Comment

by:suppsaws
ID: 17888099
roycasella,

please make sure your exchange is ok, with SP2 installed please.
concentrate on the previous issue first before trying to sync, setting up ssl, ... .

1. install SP2
2. rerun the CIECW
3. configure the cert (create an a-record sbs.yourdomain.com which points to external ip)
4. check the eventlogs if there are any events related to exchange.
if exchange works fine we can proceed with the oma things
0
The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

 
LVL 7

Author Comment

by:roycasella
ID: 17888289
I have checked cert and it seems to work ok

i have installed this on a pc... and appears to work ok

i am no longer prompted when browsing thes areas externally.

I am downloading SP2..

I am using original account to test now NOT test account.

this tries to sync and returns error 0x85010014

as did the ORIGINAL device that is with the user

can you tell me what permissions should be set on server for

Virtual Directories:

OMA
Microsoft-Server-ActiveSync
exchange-oma

ALSO: Does http://mobile.server.com/oma meant to show BLANK when it loads (dont thinkso)

AND

does the directory for "microsoft-server-activesync" meant to be empty bc i had to manually create it

c:\program files\exchsvr\oma\sync

I manually made 'sync'

thanks

Romolo

0
 
LVL 21

Accepted Solution

by:
suppsaws earned 500 total points
ID: 17888399
roycasella,

that error can have loads of causes, see:
http://www.experts-exchange.com/Networking/Email_Groupware/Exchange_Server/Q_21873844.html

you shouldn't change a thing manually in IIS ... perhaps you did and now problems occur ... .
You should let all things be handles wy the wizards, NOT manually.

If you want to export the cert (if the cert is correct), do it this way:

1.    Open Internet Explorer
2. Go to your servers HTTPS website ie. https://companyweb 
2.    OR go to IIS, right click companyweb > properties > directory security > view certificate > details > export
3. Double Click on the Padlock Icon in the bottem right of the screen.  This
will show you the certificate details.
4. Click the Details Tab
5. Click to the "Copy to file" button
6. The Certificate Export Wizard will begin.  Click Next
7. Click Next to accept the DER encode option
8. Enter c:\sbsexp.cer in the path
9. Click Finish.
10 Copy the c:\sbsexp.cer to the PPC.
11 On the Pocket PC, open File explorer, navigate to the sbsexp.cer file and
double click to open it. this will import the Certificate allowing a SSL
connection.

make sure the correct ports are open to your server, port 443
0
 
LVL 7

Author Comment

by:roycasella
ID: 17888700
yes ive done this..

the cert is on my test PPC

Romolo
0
 
LVL 7

Author Comment

by:roycasella
ID: 17890762
how do i recreate the OMA

thanks

romolo
0
 
LVL 7

Author Comment

by:roycasella
ID: 17894208
tried this...

it did not work

Romolo
0
 
LVL 7

Author Comment

by:roycasella
ID: 17894414
I have upgraded to exchange sp2... BUT

same problem..

arrghh... i need an answer

thanks

romolo
0
 
LVL 7

Author Comment

by:roycasella
ID: 17900435
OK

I have installed SP2. and deleted VD's and recreated as per a microsoft step by step.

My

http://server/oma web logged in STILL shows blank ????

But the MD is getting his email. However he has said there has been some crashes today.... HOORAY!

IT IS Working..

however. OTHER existing users that have had no changes to the PDA's using same PDA..

When they sync they get 0x685010004 "You account does not hav permission to sync with your current settings. Contact your Microsoft Exchange administrator"

I have setup new users and this happens too

I have checked the AD and they DO HAVE all OMA features turned on... What else could it be

thanks to all that have helped ..... thus far

Romolo

0
 
LVL 7

Author Comment

by:roycasella
ID: 17906622
I Dont have a "DEVICE SECURITY" option in my "Mobile Services" in ESM.

Exchange 2003 SP2 ...

Many Thanks

Romolo
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
Come and listen to Percona CEO Peter Zaitsev discuss what’s new in Percona open source software, including Percona Server for MySQL (https://www.percona.com/software/mysql-database/percona-server) and MongoDB (https://www.percona.com/software/mongo-…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question