Palm Treo 750 Trying to Send Encrypted Emails via Exchange Server using Verisign Digital Certificates
Posted on 2008-06-18
I am trying to send encrypted emails via the palm Treo 750 smart phones. The smart phone is running windows mobile 6 and I am sending emails via our Exchange Server. I have installed a Versign digital certificate (.pfx digital certificate) on the device for sending encrypted emails. I can send emails that are signed with my digital certificate but i cannot encrypt emails. If i receive an encyrpted email i can open it on the Treo however i cannot reply to this message unless i turn off the encryption.
I am running an Exchange 2003 server SP2 and active Sync is running with SSL enabled. I think i have published the public keys correctly in the Global Address List by opening Active Directory, navigating to all the users i want to send encrypted emails to, and attaching their .cer certificates to each account (if that makes sense). There are 7 people in my office who send encyrpted emails and i have attached each of their public keys (*.cer) within active directory.
On the Treo, i can send an encrypted email but it automatically bounces back to me when i hit send/receive. The error i get on the Treo is:
"The certificates are not available for the following recipients or one or more members of the following distribution lists: firstname.lastname@example.org The email is then placed in the drafts directory.
If i receive a signed email from someone and check the validity of the signature on the Treo, I get this error: The signature is not valid. A certificate has been used incorrectly .
Could this be due to an authentication issue in IIS??? I am running windows 2003 SBS and am NOT running the certificate server so cannot publish my own certificates. I am using versign Secure email certificates to send encrypted emails.
I ve spoken to Verisign and Palm and have done as much troubleshooting as I can with those guys. I think it s down to the config on our server. Any help is much appreciated. I need to get this problem resolved within 48 hours so the management team in my office can send encyrpted emails to each other on their smartphones using 3rd party certificates. The reason for the urgency is a couple of people are going overseas and i need to have this resolved before they go.
Please help. thanks :)