Solved

Exchange 2003 SP2 Push Email Problem - 0x80072F0D

Posted on 2008-06-26
7
696 Views
Last Modified: 2013-12-05
Hi All,

I've got a problem setting up Push email on a Windows 2003 SP2, Exchange 2003 SP2 server.

I have set a few of these up in the past with no problems.

I have created a dns record called mobile.domainname.com and using IIS6, submitted a ssl certificate request for that domain to www.certificatesforexchange.com The certifcate got processed ok and installed on the server.

I can access the server via https://mobile.domainname.com/exchange and via https://mobile.domainname.com/oma and all appears to be ok from that point of view

When I try to setup the handheld device (ipaq 514 windows mobile 6) to connect to the server, it gives me the error code 0x80072F0D which I understand to be a certificate error.

I'm a bit confused because I have never had a problem with that provider before and from what I can see, the server is configured ok.

The one strange thing with this server is that originally it did not state that it had SP2 applied yet the option of 5 tick boxes was shown in default smtp virtual server, properties, advanced, edit whereas you normally see 3 tick boxes on an unpatched server. I re-applied SP2 and it now shows as sp2 being installed.

Are there any other causes of 0x80072F0D as I am 99.9% sure the certificate is ok and I know the phone is ok as it conencts to another server that has a certificate issued by www.certificatesforexchange.com (starfield).

Thanks in advance
0
Comment
Question by:ghost123
  • 3
  • 3
7 Comments
 
LVL 9

Accepted Solution

by:
dipersp earned 250 total points
ID: 21876126
I'm 99% sure that certificatesforexchange.com is GoDaddy, which is in the list of root certs for mobile devices, so you're good there.

To be sure, go to your OWA page on a PC - click the lock icon indicated the page is SSL secured and view the cert.  Does it show GoDaddy info?

If it is GoDaddy, did they give you an intermediate cert to load on the server?  I found on RARE occasion, there was already some GoDaddy stuff in the certificate store, so what I do before loading any GoDaddy stuff is to make sure there are no intermediate certs or revoked intermediate certs listed.  If that's good, go ahead and import the intermediate.  Then check in the root certs list that no GoDaddy certs are listed (You may already have some since you're loaded the cert.)  I would right-click properties and disable the GoDaddy root certs, remove them from IIS and reload them in IIS.

Let us know if any of that works.
0
 
LVL 1

Author Comment

by:ghost123
ID: 21876338
Hi

Don't think its GoDaddy

The cert info is starfield - issuer info:-
SERIALNUMBER = xxxxx
CN = Starfield Secure Certification Authority
OU = http://certificates.starfieldtech.com/repository
O = Starfield Technologies, Inc.
L = Scottsdale
S = Arizona
C = US

I did get an intermediate cert from them which I didn't install tbh (never have before either) - I am going to bounce the server tonight and then I'll check the certs as you suggest.

Thanks,


Pete
0
 
LVL 9

Expert Comment

by:dipersp
ID: 21876390
Yeh, that's GoDaddy.  Install the intermediate cert.  It'll take you two minutes as opposed to waiting to bounce the box tonight and it will probably work fine.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:ghost123
ID: 21876484
Installed the intermediate cert succesfully but still get same error code on the handheld

Somewhere I think I have made things worse now :(  

Accessing http or https://domainname/exchange is ok but now when I access http or https://domainname/oma it asks for username and password then says:-

The website declined to show this webpage
 HTTP 403  
   Most likely causes:
This website requires you to log in.
 
   What you can try:
     Go back to the previous page.
 
     More information

This error (HTTP 403 Forbidden) means that Internet Explorer was able to connect to the website, but it does not have permission to view the webpage.

For more information about HTTP errors, see Help.

Yet, if I take the tick out of SSL on the handheld it syncs!!

Think I need to bounce it!!
0
 
LVL 9

Expert Comment

by:dipersp
ID: 21876801
Does OMA work from a regular desktop browser when SSL is setup?

See link below and check out method #3.

http://www.petri.co.il/problems_with_forms_based_authentication_and_ssl_in_activesync.htm
0
 
LVL 10

Expert Comment

by:Casey Herman
ID: 21878441
The bible to these stupid phones... ignore the error 85010014

http://www.amset.info/exchange/mobile-85010014.asp

This guide fixes about 99.999% of phone synch problems
0
 
LVL 1

Author Comment

by:ghost123
ID: 21882188
Hi,

Installed the intermediate certifcate and cleaned up the others and all works now :)

Thanks for your help dipersp
0

Featured Post

The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now