We recently installed exchange 2003 sp2 on windows server 2003 standard. We would like to use active sync with direct push, but have a question about ssl certificates. Our internal DNS is int-tfchurch.org so I created a trial certificate through verisign with the name of the mail server and our internal domain name (server.int-company.org). The problem is our end users access OWA and sync their phones to mail.company.org. Its the same server it just has a different domain mapping on the outside. Now our phones give us the following error messages: 1. SERVER CERTIFICATE DOMAIN DOES NOT MATCH SERVER 2. SSL CERTIFICATE IS NOT TRUSTED UPDATE TRUSTED ROOT LIST.