Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Palm Treo 750 Trying to Send Encrypted Emails via Exchange Server using Verisign Digital Certificates

Posted on 2008-06-18
7
Medium Priority
?
722 Views
Last Modified: 2013-12-05
I am trying to send encrypted emails via the palm Treo 750 smart phones.  The smart phone is running windows mobile 6 and I am sending emails via our Exchange Server.  I have installed a Versign digital certificate (.pfx digital certificate) on the device for sending encrypted emails.  I can send emails that are signed with my digital certificate but i cannot encrypt emails.  If i receive an encyrpted email i can open it on the Treo however i cannot reply to this message unless i turn off the encryption.

I am running an Exchange 2003 server SP2 and active Sync is running with SSL enabled. I think i have published the public keys correctly in the Global Address List by opening Active Directory, navigating to all the users i want to send encrypted emails to, and attaching their .cer certificates to each account (if that makes sense).  There are 7 people in my office who send encyrpted emails and i have attached each of their public keys (*.cer) within active directory.

On the Treo, i can send an encrypted email but it automatically bounces back to me when i hit send/receive.  The error i get on the Treo is:
"The certificates are not available for the following recipients or one or more members of the following distribution lists: user@domain.com.au  The email is then placed in the drafts directory.

If i receive a signed email from someone and check the validity of the signature on the Treo, I get this error:  The signature is not valid.  A certificate has been used incorrectly .

Could this be due to an authentication issue in IIS??? I am running windows 2003 SBS and am NOT running the certificate server so cannot publish my own certificates.  I am using versign Secure email certificates to send encrypted emails.

I ve spoken to Verisign and Palm and have done as much troubleshooting as I can with those guys. I think it s down to the config on our server.  Any help is much appreciated. I need to get this problem resolved within 48 hours so the management team in my office can send encyrpted emails to each other on their smartphones using 3rd party certificates.  The reason for the urgency is a couple of people are going overseas and i need to have this resolved before they go.

Please help.  thanks :)


0
Comment
Question by:nina007
  • 3
  • 2
5 Comments
 
LVL 10

Expert Comment

by:Casey Herman
ID: 21818697
start by testing it through oma first.  Remove the phone from the picture at the moment.  See if you can get to oma and are able to send a email on ssl.  I am willing to bet this is going to fail here first.

Casey
0
 

Author Comment

by:nina007
ID: 21819180
Hi  Casey,
You are right.... if i open IE and go to http://name.domain.com.au/oma or if i go to https://name.domain.com.au/oma i get error: You are not authorized to view this page . HTTP Error 401.2 - Unauthorized: Access is denied due to server configuration. Internet Information Services (IIS).
any ideas?
0
 

Author Comment

by:nina007
ID: 21819771
Hi Casey,

I managed to get OMA working via IE and can send/receive messages ok however this didn't fix my problem and i still get the error: "The certificates are not available for the following recipients or one or more members of the following distribution lists: user@domain.com.au  The email is then placed in the drafts directory.

Not sure what else i can try.
Nina
0
 
LVL 10

Expert Comment

by:Casey Herman
ID: 21824018
http://www.amset.info/pocketpc/certificates2.asp
This site has a lot of usefull info.

Hope it helps.  Screen shots are good..!!!

Casey
0
 
LVL 10

Accepted Solution

by:
Casey Herman earned 2000 total points
ID: 21824043
This is the article that I live by....

http://www.amset.info/exchange/mobile-85010014.asp

casey
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is an article on how to answer questions, earn points and become an expert.
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question