Solved

Exchange 2003 SP2 Push Email Problem - 0x80072F0D

Posted on 2008-06-26
Last Modified: 2013-12-05
Hi All,

I've got a problem setting up Push email on a Windows 2003 SP2, Exchange 2003 SP2 server.

I have set a few of these up in the past with no problems.

I have created a DNS record called mobile.domainname.com and, using IIS6, submitted an SSL certificate request for that domain to www.certificatesforexchange.com. The certificate got processed ok and installed on the server.

I can access the server via https://mobile.domainname.com/exchange and via https://mobile.domainname.com/oma and all appears to be ok from that point of view

When I try to setup the handheld device (ipaq 514 windows mobile 6) to connect to the server, it gives me the error code 0x80072F0D which I understand to be a certificate error.

I'm a bit confused because I have never had a problem with that provider before and from what I can see, the server is configured ok.

The one strange thing with this server is that originally it did not state that it had SP2 applied yet the option of 5 tick boxes was shown in default smtp virtual server, properties, advanced, edit whereas you normally see 3 tick boxes on an unpatched server. I re-applied SP2 and it now shows as sp2 being installed.

Are there any other causes of 0x80072F0D as I am 99.9% sure the certificate is ok and I know the phone is ok as it connects to another server that has a certificate issued by www.certificatesforexchange.com (starfield).

Thanks in advance
Question by:ghost123
7 Comments
 
LVL 9

Accepted Solution

by:
dipersp earned 1000 total points
ID: 21876126
I'm 99% sure that certificatesforexchange.com is GoDaddy, which is in the list of root certs for mobile devices, so you're good there.

To be sure, go to your OWA page on a PC - click the lock icon indicating the page is SSL secured and view the cert.  Does it show GoDaddy info?

If it is GoDaddy, did they give you an intermediate cert to load on the server?  I found on RARE occasion, there was already some GoDaddy stuff in the certificate store, so what I do before loading any GoDaddy stuff is to make sure there are no intermediate certs or revoked intermediate certs listed.  If that's good, go ahead and import the intermediate.  Then check in the root certs list that no GoDaddy certs are listed (You may already have some since you've loaded the cert.)  I would right-click properties and disable the GoDaddy root certs, remove them from IIS and reload them in IIS.

Let us know if any of that works.
0
 
LVL 1

Author Comment

by:ghost123
ID: 21876338
Hi

Don't think it's GoDaddy

The cert info is starfield - issuer info:-
SERIALNUMBER = xxxxx
CN = Starfield Secure Certification Authority
OU = http://certificates.starfieldtech.com/repository
O = Starfield Technologies, Inc.
L = Scottsdale
S = Arizona
C = US

I did get an intermediate cert from them which I didn't install tbh (never have before either) - I am going to bounce the server tonight and then I'll check the certs as you suggest.

Thanks,


Pete
0
 
LVL 9

Expert Comment

by:dipersp
ID: 21876390
Yeh, that's GoDaddy.  Install the intermediate cert.  It'll take you two minutes as opposed to waiting to bounce the box tonight and it will probably work fine.
0
 
LVL 1

Author Comment

by:ghost123
ID: 21876484
Installed the intermediate cert successfully but still get same error code on the handheld

Somewhere I think I have made things worse now :(  

Accessing http or https://domainname/exchange is ok but now when I access http or https://domainname/oma it asks for username and password then says:-

The website declined to show this webpage
 HTTP 403  
   Most likely causes:
This website requires you to log in.
 
   What you can try:
     Go back to the previous page.
 
     More information

This error (HTTP 403 Forbidden) means that Internet Explorer was able to connect to the website, but it does not have permission to view the webpage.

For more information about HTTP errors, see Help.

Yet, if I take the tick out of SSL on the handheld it syncs!!

Think I need to bounce it!!
0
 
LVL 9

Expert Comment

by:dipersp
ID: 21876801
Does OMA work from a regular desktop browser when SSL is set up?

See link below and check out method #3.

http://www.petri.co.il/problems_with_forms_based_authentication_and_ssl_in_activesync.htm
0
 
LVL 10

Expert Comment

by:Casey Herman
ID: 21878441
The bible to these stupid phones... ignore the error 85010014

http://www.amset.info/exchange/mobile-85010014.asp

This guide fixes about 99.999% of phone synch problems
0
 
LVL 1

Author Comment

by:ghost123
ID: 21882188
Hi,

Installed the intermediate certificate and cleaned up the others and all works now :)

Thanks for your help dipersp
0
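
The failure resolved in this thread, reproduced offline as an added example that is not part of the original posts: a client that trusts only the root rejects the server certificate until the intermediate is supplied with it. The CA names, the host name `mobile.example.test` and the helper functions are constructed for the demo, which assumes the `openssl` command line is installed.

```shell
#!/bin/sh
# Constructed demo PKI: root -> intermediate -> server. All names are made up.
# Against a live server, `openssl s_client -connect HOST:443 -showcerts </dev/null`
# lists the certificates it actually sends (HOST is a placeholder).

# issue DIR NAME CN EXTFILE [ISSUER]: writes NAME.key and NAME.pem in DIR,
# self-signed when no ISSUER is given.
issue() {
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$3" \
    -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null || return 1
  if [ -z "${5:-}" ]; then
    openssl x509 -req -in "$1/$2.csr" -signkey "$1/$2.key" -days 2 \
      -extfile "$4" -out "$1/$2.pem" 2>/dev/null
  else
    openssl x509 -req -in "$1/$2.csr" -CA "$1/$5.pem" -CAkey "$1/$5.key" \
      -CAcreateserial -days 2 -extfile "$4" -out "$1/$2.pem" 2>/dev/null
  fi
}

make_chain() {  # make_chain DIR
  printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > "$1/ca.ext"
  printf 'basicConstraints=CA:FALSE\nsubjectAltName=DNS:mobile.example.test\n' > "$1/leaf.ext"
  issue "$1" root "Demo Root CA" "$1/ca.ext" &&
  issue "$1" int "Demo Intermediate CA" "$1/ca.ext" root &&
  issue "$1" leaf "mobile.example.test" "$1/leaf.ext" int
}

# client_accepts DIR [SENT_INTERMEDIATE]: models a client that trusts only the
# root and cannot fetch a missing issuer; returns 0 when the chain builds.
client_accepts() {
  if [ -n "${2:-}" ]; then
    openssl verify -CAfile "$1/root.pem" -untrusted "$2" "$1/leaf.pem" >/dev/null 2>&1
  else
    openssl verify -CAfile "$1/root.pem" "$1/leaf.pem" >/dev/null 2>&1
  fi
}

demo=$(mktemp -d)
if make_chain "$demo"; then
  client_accepts "$demo" && echo "leaf only: accepted" || echo "leaf only: rejected"
  client_accepts "$demo" "$demo/int.pem" && echo "leaf + intermediate: accepted" \
    || echo "leaf + intermediate: rejected"
fi
rm -rf "$demo"
```

Desktop Windows can often complete a chain from intermediates it has cached or downloaded, so a browser test of OWA passing does not show that the server is sending the intermediate.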
