commeng
asked on
Help with SSL Certificate
I finall received permission from the owner of my company to enable SSL on our Exchange Server 2003 with a self-signing certificate. The last time this was attempted the Treo could not receive the self-signing certificate and the implementation failed.
Does anyone know how to configure the iPhone, a Treo and the Blackberry Storm to accept a self-signed SSL certificate?
Thanks,
Does anyone know how to configure the iPhone, a Treo and the Blackberry Storm to accept a self-signed SSL certificate?
Thanks,
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Or spend US$30 on a commercial certificate and save a lot of headaches.
https://CertificatesForExchange.com/
Simon.
https://CertificatesForExchange.com/
Simon.
sure, a commercial certificate cuts though a lot of the issues - assuming they can clear that as a recurring expense with the boss :)
ASKER
I actually got permission for the $30 certificate. I am just trying to figure out how to get the certicate and then load it onto the server.
ASKER
OK, I purchased, downloaded and installed the Certificates for Exchange. When I am in the office, SSL is working https://webaddres.domain.com/exchange, but when I am outside the office it does not work. The phones will not work with SSL either, none of them (iphone, treo or blackberry), obviouslly I have done something wrong.
Any ideas why SSL would work inside the office but not anywhere else?
Any ideas why SSL would work inside the office but not anywhere else?
do you have a valid A (dns) record for the exact string referenced (webaddres.domain.com) - if not, even if you put in (say) a NATted IP address, the certificate won't match what the browser expects to compare the certificate to - and the sync will fail.
ASKER
OK Making Progress now. It was a firewall setting! Dang it. I have the iPhones working. Can someone tell me where on the BES server of on the BB's I can enable SSL.
Treo = In IE browse to your OWA page or any other page using this self assigned certificate. Click on the certificate details > Select View Certificate > Select Install Certificate > Press next > Select Place all certificates in the following store > Select Browse > Select Trusted Root Certification Authorities > Press OK > Continue through the prompts until the wizard is completed. Now in IE select Tools > Internet Options > Select Content > Select Certificates > Select Trusted Root Certification Authorities > Locate and select the certificate you saved > Press Export > Leave all setting as default > create a filename. Now copy the .CER file to the device and run open it which installs the certificate on the device
BlackBerry = A BlackBerry on BIS will accept a self assigned certificate.