Solved

Exchange 2003 SP2 Push Email Problem - 0x80072F0D

Posted on 2008-06-26
7
705 Views
Last Modified: 2013-12-05
Hi All,

I've got a problem setting up Push email on a Windows 2003 SP2, Exchange 2003 SP2 server.

I have set a few of these up in the past with no problems.

I have created a dns record called mobile.domainname.com and using IIS6, submitted a ssl certificate request for that domain to www.certificatesforexchange.com The certifcate got processed ok and installed on the server.

I can access the server via https://mobile.domainname.com/exchange and via https://mobile.domainname.com/oma and all appears to be ok from that point of view

When I try to setup the handheld device (ipaq 514 windows mobile 6) to connect to the server, it gives me the error code 0x80072F0D which I understand to be a certificate error.

I'm a bit confused because I have never had a problem with that provider before and from what I can see, the server is configured ok.

The one strange thing with this server is that originally it did not state that it had SP2 applied yet the option of 5 tick boxes was shown in default smtp virtual server, properties, advanced, edit whereas you normally see 3 tick boxes on an unpatched server. I re-applied SP2 and it now shows as sp2 being installed.

Are there any other causes of 0x80072F0D as I am 99.9% sure the certificate is ok and I know the phone is ok as it conencts to another server that has a certificate issued by www.certificatesforexchange.com (starfield).

Thanks in advance
0
Comment
Question by:ghost123
  • 3
  • 3
7 Comments
 
LVL 9

Accepted Solution

by:
dipersp earned 250 total points
ID: 21876126
I'm 99% sure that certificatesforexchange.com is GoDaddy, which is in the list of root certs for mobile devices, so you're good there.

To be sure, go to your OWA page on a PC - click the lock icon indicated the page is SSL secured and view the cert.  Does it show GoDaddy info?

If it is GoDaddy, did they give you an intermediate cert to load on the server?  I found on RARE occasion, there was already some GoDaddy stuff in the certificate store, so what I do before loading any GoDaddy stuff is to make sure there are no intermediate certs or revoked intermediate certs listed.  If that's good, go ahead and import the intermediate.  Then check in the root certs list that no GoDaddy certs are listed (You may already have some since you're loaded the cert.)  I would right-click properties and disable the GoDaddy root certs, remove them from IIS and reload them in IIS.

Let us know if any of that works.
0
 
LVL 1

Author Comment

by:ghost123
ID: 21876338
Hi

Don't think its GoDaddy

The cert info is starfield - issuer info:-
SERIALNUMBER = xxxxx
CN = Starfield Secure Certification Authority
OU = http://certificates.starfieldtech.com/repository
O = Starfield Technologies, Inc.
L = Scottsdale
S = Arizona
C = US

I did get an intermediate cert from them which I didn't install tbh (never have before either) - I am going to bounce the server tonight and then I'll check the certs as you suggest.

Thanks,


Pete
0
 
LVL 9

Expert Comment

by:dipersp
ID: 21876390
Yeh, that's GoDaddy.  Install the intermediate cert.  It'll take you two minutes as opposed to waiting to bounce the box tonight and it will probably work fine.
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 1

Author Comment

by:ghost123
ID: 21876484
Installed the intermediate cert succesfully but still get same error code on the handheld

Somewhere I think I have made things worse now :(  

Accessing http or https://domainname/exchange is ok but now when I access http or https://domainname/oma it asks for username and password then says:-

The website declined to show this webpage
 HTTP 403  
   Most likely causes:
This website requires you to log in.
 
   What you can try:
     Go back to the previous page.
 
     More information

This error (HTTP 403 Forbidden) means that Internet Explorer was able to connect to the website, but it does not have permission to view the webpage.

For more information about HTTP errors, see Help.

Yet, if I take the tick out of SSL on the handheld it syncs!!

Think I need to bounce it!!
0
 
LVL 9

Expert Comment

by:dipersp
ID: 21876801
Does OMA work from a regular desktop browser when SSL is setup?

See link below and check out method #3.

http://www.petri.co.il/problems_with_forms_based_authentication_and_ssl_in_activesync.htm
0
 
LVL 10

Expert Comment

by:Casey Herman
ID: 21878441
The bible to these stupid phones... ignore the error 85010014

http://www.amset.info/exchange/mobile-85010014.asp

This guide fixes about 99.999% of phone synch problems
0
 
LVL 1

Author Comment

by:ghost123
ID: 21882188
Hi,

Installed the intermediate certifcate and cleaned up the others and all works now :)

Thanks for your help dipersp
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In-place Upgrading Dirsync to Azure AD Connect
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question