Solved

Exchange 2003 SP2 Push Email Problem - 0x80072F0D

Posted on 2008-06-26
7
707 Views
Last Modified: 2013-12-05
Hi All,

I've got a problem setting up Push email on a Windows 2003 SP2, Exchange 2003 SP2 server.

I have set a few of these up in the past with no problems.

I have created a dns record called mobile.domainname.com and using IIS6, submitted a ssl certificate request for that domain to www.certificatesforexchange.com The certifcate got processed ok and installed on the server.

I can access the server via https://mobile.domainname.com/exchange and via https://mobile.domainname.com/oma and all appears to be ok from that point of view

When I try to setup the handheld device (ipaq 514 windows mobile 6) to connect to the server, it gives me the error code 0x80072F0D which I understand to be a certificate error.

I'm a bit confused because I have never had a problem with that provider before and from what I can see, the server is configured ok.

The one strange thing with this server is that originally it did not state that it had SP2 applied yet the option of 5 tick boxes was shown in default smtp virtual server, properties, advanced, edit whereas you normally see 3 tick boxes on an unpatched server. I re-applied SP2 and it now shows as sp2 being installed.

Are there any other causes of 0x80072F0D as I am 99.9% sure the certificate is ok and I know the phone is ok as it conencts to another server that has a certificate issued by www.certificatesforexchange.com (starfield).

Thanks in advance
0
Comment
Question by:ghost123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 9

Accepted Solution

by:
dipersp earned 250 total points
ID: 21876126
I'm 99% sure that certificatesforexchange.com is GoDaddy, which is in the list of root certs for mobile devices, so you're good there.

To be sure, go to your OWA page on a PC - click the lock icon indicated the page is SSL secured and view the cert.  Does it show GoDaddy info?

If it is GoDaddy, did they give you an intermediate cert to load on the server?  I found on RARE occasion, there was already some GoDaddy stuff in the certificate store, so what I do before loading any GoDaddy stuff is to make sure there are no intermediate certs or revoked intermediate certs listed.  If that's good, go ahead and import the intermediate.  Then check in the root certs list that no GoDaddy certs are listed (You may already have some since you're loaded the cert.)  I would right-click properties and disable the GoDaddy root certs, remove them from IIS and reload them in IIS.

Let us know if any of that works.
0
 
LVL 1

Author Comment

by:ghost123
ID: 21876338
Hi

Don't think its GoDaddy

The cert info is starfield - issuer info:-
SERIALNUMBER = xxxxx
CN = Starfield Secure Certification Authority
OU = http://certificates.starfieldtech.com/repository
O = Starfield Technologies, Inc.
L = Scottsdale
S = Arizona
C = US

I did get an intermediate cert from them which I didn't install tbh (never have before either) - I am going to bounce the server tonight and then I'll check the certs as you suggest.

Thanks,


Pete
0
 
LVL 9

Expert Comment

by:dipersp
ID: 21876390
Yeh, that's GoDaddy.  Install the intermediate cert.  It'll take you two minutes as opposed to waiting to bounce the box tonight and it will probably work fine.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 1

Author Comment

by:ghost123
ID: 21876484
Installed the intermediate cert succesfully but still get same error code on the handheld

Somewhere I think I have made things worse now :(  

Accessing http or https://domainname/exchange is ok but now when I access http or https://domainname/oma it asks for username and password then says:-

The website declined to show this webpage
 HTTP 403  
   Most likely causes:
This website requires you to log in.
 
   What you can try:
     Go back to the previous page.
 
     More information

This error (HTTP 403 Forbidden) means that Internet Explorer was able to connect to the website, but it does not have permission to view the webpage.

For more information about HTTP errors, see Help.

Yet, if I take the tick out of SSL on the handheld it syncs!!

Think I need to bounce it!!
0
 
LVL 9

Expert Comment

by:dipersp
ID: 21876801
Does OMA work from a regular desktop browser when SSL is setup?

See link below and check out method #3.

http://www.petri.co.il/problems_with_forms_based_authentication_and_ssl_in_activesync.htm
0
 
LVL 10

Expert Comment

by:Casey Herman
ID: 21878441
The bible to these stupid phones... ignore the error 85010014

http://www.amset.info/exchange/mobile-85010014.asp

This guide fixes about 99.999% of phone synch problems
0
 
LVL 1

Author Comment

by:ghost123
ID: 21882188
Hi,

Installed the intermediate certifcate and cleaned up the others and all works now :)

Thanks for your help dipersp
0

Featured Post

Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
The Windows functions GetTickCount and timeGetTime retrieve the number of milliseconds since the system was started. However, the value is stored in a DWORD, which means that it wraps around to zero every 49.7 days. This article shows how to solve t…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question