Palm Treo 755p - Issue converting and installing GoDaddy cert for sync with Exchang 2003 S2
I have an SBS 2003 SP2 server domain running Exchange 2003 SP2. The security cert purchased from GoDaddy last year expired on Oct 31st. So our hand-held users were no longer able to sync with Exchange - as expected. We requested a cert renewal from GoDaddy, sent them the expired cert and within hours received the new cert back which was installed on the server and distributed to the client workstations to install in IE for Outlook with RPC over HTTP. This went perfectly, as did the installations in the iPhones and Blackberries. Everything on that end is working perfectly.
BUT we have users who have Palm Treo 755p's. For them we downloaded the latest version of Palm HotSync (for Sprint) v4.1.4 along with the latest available version of the Palm Certificate Tool (Certificate Authority Updater).
The certs were converted from their original format...
"email.domain.biz.crt"
to
"cert.pdb"
...using the method found here: http://www.palm.com/us/support/downloads/versamail/certmodtool.html
During the process, however, it was necessary to change the file-type of the new GoDaddy cert from "crt" to "cer" in order for the Palm Certificate Authority Updater tool to recognize it for the conversion to a "cert.pdb" file.
Once the new "cert.pdb" file was in the Certificate Authority Updater, we ran HotSync and all data was synchronized.
BUT a review of the logs showed that each time we tried (and it was a dozen or so) the newly converted "cert.pdb" was rejected and deleted from the sync file path as being no-good or corrupt.
Here is the entry from the HotSync log:
"- Invalid handheld file deleted: C:\Program Files\palmOne\UserName\Ins
OK Install with 1 message(s)"
My concern is the new cert from GoDaddy. Does anyone know if this issue is due to the file type being "crt" rather than "cer" ?
It concerns me that there was no way to make the Palm Certificate Authority Updater recognize the GoDaddy cert in its original file format, and that it had to be changed to "cer".
Has anyone come across this before?
BUT we have users who have Palm Treo 755p's. For them we downloaded the latest version of Palm HotSync (for Sprint) v4.1.4 along with the latest available version of the Palm Certificate Tool (Certificate Authority Updater).
The certs were converted from their original format...
"email.domain.biz.crt"
to
"cert.pdb"
...using the method found here: http://www.palm.com/us/support/downloads/versamail/certmodtool.html
During the process, however, it was necessary to change the file-type of the new GoDaddy cert from "crt" to "cer" in order for the Palm Certificate Authority Updater tool to recognize it for the conversion to a "cert.pdb" file.
Once the new "cert.pdb" file was in the Certificate Authority Updater, we ran HotSync and all data was synchronized.
BUT a review of the logs showed that each time we tried (and it was a dozen or so) the newly converted "cert.pdb" was rejected and deleted from the sync file path as being no-good or corrupt.
Here is the entry from the HotSync log:
"- Invalid handheld file deleted: C:\Program Files\palmOne\UserName\Ins
OK Install with 1 message(s)"
My concern is the new cert from GoDaddy. Does anyone know if this issue is due to the file type being "crt" rather than "cer" ?
It concerns me that there was no way to make the Palm Certificate Authority Updater recognize the GoDaddy cert in its original file format, and that it had to be changed to "cer".
Has anyone come across this before?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I talked to GoDaddy. They sent a new cert and the conversion would to install it on the phones, but there were still SSL comunication issues with the server. This, I Was told was due to the 128/256 bit encryption issue. They offered to work through it with me, making adjustments on the sever-side cert instalation but it was judged not to be cost effective.
In the end it was decided to get the users off of the Palm platform and replace the devices with Windows Mobile Treos.
I know that's a "nuclear-solution" but I'm happy that we were able to standardize fthe mobile users to a Windows Active Sync platform.
Thanks guys.