Help with SSL Certificate

Posted on 2009-05-13
Last Modified: 2012-05-06
I finall received permission from the owner of my company to enable SSL on our Exchange Server 2003 with a self-signing certificate.  The last time this was attempted the Treo could not receive the self-signing certificate and the implementation failed.

Does anyone know how to configure the iPhone, a Treo and the Blackberry Storm to accept a self-signed SSL certificate?

Question by:commeng
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 26

Expert Comment

by:Gary Cutri
ID: 24376546
iPhone = use the iPhone enterprise configuration utility

Treo = In IE browse to your OWA page or any other page using this self assigned certificate.  Click on the certificate details > Select View Certificate > Select Install Certificate > Press next > Select Place all certificates in the following store > Select Browse > Select Trusted Root Certification Authorities > Press OK > Continue through the prompts until the wizard is completed.  Now in IE select Tools > Internet Options > Select Content > Select Certificates > Select Trusted Root Certification Authorities > Locate and select the certificate you saved > Press Export > Leave all setting as default > create a filename.  Now copy the .CER file to the device and run open it which installs the certificate on the device

BlackBerry = A BlackBerry on BIS will accept a self assigned certificate.
LVL 33

Accepted Solution

Dave Howe earned 500 total points
ID: 24376749
I have seen some issues with self-signed certificates and mobile devices - however, normally those are fine with certificates signed by a corporate CA, provided you first import the CA certificate. The import process is fairly simple - just place a DER encoded CER file of the CA "root" certificate (the MS enterprise CA is fine for this, or you can use the standalone tool) onto a webserver and browse to it. That should offer to import it into the local root store) - this works on almost all devices, and usually the local java applets will use the same store as the browser.
LVL 65

Expert Comment

ID: 24377083
Or spend US$30 on a commercial certificate and save a lot of headaches. 

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 33

Expert Comment

by:Dave Howe
ID: 24378074
sure, a commercial certificate cuts though a lot of the issues - assuming they can clear that as a recurring expense with the boss :)

Author Comment

ID: 24378278
I actually got permission for the $30 certificate.  I am just trying to figure out how to get the certicate and then load it onto the server.

Author Comment

ID: 24388458
OK, I purchased, downloaded and installed the Certificates for Exchange.  When I am in the office, SSL is working, but when I am outside the office it does not work.  The phones will not work with SSL either, none of them (iphone, treo or blackberry), obviouslly I have done something wrong.

Any ideas why SSL would work inside the office but not anywhere else?
LVL 33

Expert Comment

by:Dave Howe
ID: 24391309
do you have a valid A (dns) record for the exact string referenced ( - if not, even if you put in (say) a NATted IP address, the certificate won't match what the browser expects to compare the certificate to - and the sync will fail.

Author Comment

ID: 24396767
OK Making Progress now.  It was a firewall setting!  Dang it.  I have the iPhones working.  Can someone tell me where on the BES server of on the BB's I can enable SSL.

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
You should read OS supplied guidelines before developing. I can't stress that enough. The guidelines will help you understand the reasons mobile app developers do what they do.  Apple is very particular when they review appstore submissions.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to:…
CodeTwo Sync for iCloud ( automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question