Solved

Exchange Active sync no fail 0x80072EFF Cannot contact server

Posted on 2011-03-22
24
794 Views
Last Modified: 2012-05-11
I have just renewed the certificate for my OWA server. It is working fine through web browsers and is showing the updated cert.

However none of our mobiles can connect to exchange giving errors in the title.

I am confused, previously if OWA was working mobiles worked.

Safari on my iphone does say it failed to create a secure connection if I try and browse OWA however.

The cert is issued by our own CA, the certs are installed on mobile devices and in the past iphones have just asked you to accept anyway.

confused!
0
Comment
Question by:Sam_Rendell
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 10
  • 4
24 Comments
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 500 total points
ID: 35189224
I would remove, reinstall and then re-enable the certificate and if that still doesn't work, then I would re-key the certificate and download a fresh certificate as it could be corrupt.
0
 

Author Comment

by:Sam_Rendell
ID: 35189495
I created a new test cert. and applied it iphones are now working. So there was a problem. but old windows phones wont work because the cert is not installed.

I need to try and get the renewed cert to work.

I have removed it, how do i re-add it?

I know this is a stupid question, but I have only ever requested new or renewed old ones before.

Cheers.
0
 
LVL 4

Expert Comment

by:sachin5333
ID: 35189570
Error : 80072EFF

Possible Cause :-
 The connection with the server has been reset.
- OR -
Synchronization failed due to a communications failure. Try again

Possible resolution :-
Verify that the server is listening on the SSL port and that the device can connect to the server over SSL.
1. The connection with the server was reset. You are using a Windows Mobile 2002-based device or a Windows Mobile 2003-based device with SSL. However an SSL connection could not be established and the connection was reset.

User action :-
1. Verify that the server you are connecting is listening on the SSL port. Ensure that you can connect to the server over SSL using Internet Explorer on the device.
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35189632
Re-download the certificate from the certificate provider.

Copy the file to the server and then Import the Certificate:

http://technet.microsoft.com/en-us/library/dd351183.aspx

Once imported - you need to enable it:

http://technet.microsoft.com/en-us/library/aa997231.aspx
0
 

Author Comment

by:Sam_Rendell
ID: 35189644
No i mean how do I get the pfx file from the CA.

All i have from the renewal request a .cer file.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35189655
Who is the CA?
0
 

Author Comment

by:Sam_Rendell
ID: 35189664
I have just renewed the certificate for my OWA server.
0
 

Author Comment

by:Sam_Rendell
ID: 35189675
Sorry ment to say, I am using my own CA.
0
 
LVL 4

Expert Comment

by:sachin5333
ID: 35189726
Verify that the server you are connecting is listening on the SSL port. Ensure that you can connect to the server over SSL using Internet Explorer on the device.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35189755
@sachin5333 - Your comments are not helping - please read the question carefully.
0
 
LVL 4

Expert Comment

by:sachin5333
ID: 35189825
You need to install the Certificate on the device and then it will work.

Please check below article.

http://www.pocketpcfaq.com/faqs/activesync/exchange_errors.php
0
 
LVL 4

Expert Comment

by:sachin5333
ID: 35189852
@alanhardisty: I need to confirm it from the author. Please check my earlier comment.

0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35189865
Ah - okay - then please visit the page where you download your certificate from IE.  Re-download the certificate and then install it.
0
 

Author Comment

by:Sam_Rendell
ID: 35189870
We have confirmed that the error goes away with a new cert. So what I need to know now is how to get the renewed cert to work. I have removed it from the OWA box now I need to readd it. But IIS and Exchange both want .pfx files to import a cert. The question now is where do I get that.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35189886
You don't have to import a .PFX file - a .CRT file is fine.
0
 

Author Comment

by:Sam_Rendell
ID: 35189888
The certserv page only offers the cert. in DER or 64bit both of which are .cer files
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35189897
That's fine.
0
 

Author Comment

by:Sam_Rendell
ID: 35190026
I have tried using the .cer file that was generated for the renewal and it says there is no key included and it does not import.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35190059
Are you importing via the Exchange Console or Shell?
0
 

Author Comment

by:Sam_Rendell
ID: 35190066
EMC I also tried through IIS.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35190127
Please use the Exchange Management Shell:

Import-ExchangeCertificate -Path c:\certificates\certificatename.cer

Does that work without error?
0
 

Author Comment

by:Sam_Rendell
ID: 35190895
It doesn't like the -Path switch apparently...

Stupid EMS
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 35192843
Have you changed the path to reflect the path your certificate has been copied to?

If you copy the cert to c:\ and it is called certificate.cer then you run:

Import-ExchangeCertificate -Path c:\certificate.cer

Is it any happier?
0
 

Author Comment

by:Sam_Rendell
ID: 35197175
Yes I changed the path :)

I am sorting a proper cert for this it is something I wanted to do anyway.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question