Certificate problems

Posted on 2007-08-07
Last Modified: 2013-11-05
I currently host a small exchange server with about 10 users. I have a SSL Certificate installed from RapidSSL. The problem I am having is that when I go to I get a "There is a problem with this websites certificate". The problem is not so much for remote users as it is for synchronizing to my treo device. Everytime I try to synchronize I get a certificate error message on my treo. Any suggestions?
Question by:nitrousgtstang
    LVL 31

    Expert Comment

    it should be https:// or?

    Author Comment

    Sorry for the typo. Yes it should be
    LVL 7

    Expert Comment

    I'm guessing you did not install the intermediate certificate in the intermediate cert store on the server.

    start here and run this utility:


    Author Comment

    System time: Tue, 07 Aug 2007 16:12:07 GMT
    ModuleFileName: C:\Program Files\IIS Resources\SSLDiag\SSLDiag.exe version: 1.1:34.0
    CommandLine: "C:\Program Files\IIS Resources\SSLDiag\SSLDiag.exe"
    ProcessorArchitecture: x86
    OS: Windows 2003 Service Pack 2
    IIS6 - World Wide Web Publishing (W3SVC) service is installed

    [ HKLM\System\CurrentControlSet\Services\HTTPFilter ]
    ImagePath = C:\WINDOWS\system32\lsass.exe
    Parameters\CertChainCacheOnlyUrlRetrieval = True(default)
    EnableKernelSsl = False(default)
    strmfilt.dll loaded into process 456 (lsass.exe)

    [ SChannel Info ]
    ServerCacheEntries = 88
    ServerActiveEntries = 0
    ServerHandshakes = 107
    ServerReconnects = 68
    CacheSize = 10000

    [ W3SVC/1 ]
    ServerComment = Default Web Site
    ServerState = Server started
    #Impersonated server account
    SSLCertHash = f5 e2 26 d9 6f ca 0c ff 75 df a6 ce b4
    SSLStoreName = MY
    #CertName =
    #You have a private key that corresponds to this certificate
    #ProvName='Microsoft RSA SChannel Cryptographic Provider' ProvType=PROV_RSA_SCHANNEL KeySpec=AT_KEYEXCHANGE
    #Subject: C=US,, OU=GT23976799, OU=See (c)07, OU=Domain Control Validated - RapidSSL(R),
    #Issuer: C=US, O=Equifax Secure Inc., CN=Equifax Secure Global eBusiness CA-1
    #Validity: From 7/18/2007 6:20:56 AM To 8/17/2008 6:20:56 AM
    CertVerifyCertificateChainPolicy succeeded
    SecureBindings = :443:

    [ W3SVC/1/ROOT ]
    AccessSSLFlags = 0 (0x0)

    [ W3SVC/1/ROOT/Exchange ]
    AccessSSLFlags = 264 (0x108)
    AccessSSL = True
    AccessSSL128 = True
    AccessSSLNegotiateCert = False
    AccessSSLRequireCert = False
    AccessSSLMapCert = False

    [ W3SVC/1/ROOT/ExchDAV ]
    AccessSSLFlags = 0 (0x0)

    [ W3SVC/25341 ]
    ServerComment = Administration
    ServerState = Server started
    AccessSSLFlags = 8
    #Impersonated server account
    SSLCertHash = c8 9f 0d 79 ee ef 30 fa 9f 6e 17 d3 ae df c7
    SSLStoreName = MY
    #CertName = exchgsvr.moermond.local
    #You have a private key that corresponds to this certificate
    #ProvName='Microsoft Enhanced Cryptographic Provider v1.0' ProvType=PROV_RSA_FULL KeySpec=AT_KEYEXCHANGE
    #Subject: CN=exchgsvr.moermond.local
    #Issuer: CN=exchgsvr.moermond.local
    #Validity: From 7/16/2007 5:35:53 AM To 7/15/2008 11:35:53 AM
    CertVerifyCertificateChainPolicy succeeded
    SecureBindings = :8098:

    Diagnostics complete, system time: Tue, 07 Aug 2007 16:12:09 GMT
    LVL 7

    Accepted Solution

    looks like ssl is setup on the server without a problem. works in both IE and firefox.

    i assume you are using a windows treo and trying to activesync to your server?  I seem to remember something like this in the past.  on the default website > security tab > secure communications (edit button) - is that set to require ssl?  if so that should not be set.  

    Also, when connecting to activesync you are not entering /exchange/.  the server name should just be

    Now i might be misunderstanding you as you said things completely contradictory to what i've just said, so please be more specific

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
    Debug Tools to analyse IIS process: This article focus on taking memory dumps from IIS to determine which code is taking more time and to analyse which calls hangs/causes more CPU usage. To take dumps,download the following. Install1: To st…
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now