Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 800
  • Last Modified:

Exchange Active sync no fail 0x80072EFF Cannot contact server

I have just renewed the certificate for my OWA server. It is working fine through web browsers and is showing the updated cert.

However none of our mobiles can connect to exchange giving errors in the title.

I am confused, previously if OWA was working mobiles worked.

Safari on my iphone does say it failed to create a secure connection if I try and browse OWA however.

The cert is issued by our own CA, the certs are installed on mobile devices and in the past iphones have just asked you to accept anyway.

confused!
0
Sam_Rendell
Asked:
Sam_Rendell
  • 10
  • 10
  • 4
1 Solution
 
Alan HardistyCo-OwnerCommented:
I would remove, reinstall and then re-enable the certificate and if that still doesn't work, then I would re-key the certificate and download a fresh certificate as it could be corrupt.
0
 
Sam_RendellAuthor Commented:
I created a new test cert. and applied it iphones are now working. So there was a problem. but old windows phones wont work because the cert is not installed.

I need to try and get the renewed cert to work.

I have removed it, how do i re-add it?

I know this is a stupid question, but I have only ever requested new or renewed old ones before.

Cheers.
0
 
sachin5333Commented:
Error : 80072EFF

Possible Cause :-
 The connection with the server has been reset.
- OR -
Synchronization failed due to a communications failure. Try again

Possible resolution :-
Verify that the server is listening on the SSL port and that the device can connect to the server over SSL.
1. The connection with the server was reset. You are using a Windows Mobile 2002-based device or a Windows Mobile 2003-based device with SSL. However an SSL connection could not be established and the connection was reset.

User action :-
1. Verify that the server you are connecting is listening on the SSL port. Ensure that you can connect to the server over SSL using Internet Explorer on the device.
0
NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

 
Alan HardistyCo-OwnerCommented:
Re-download the certificate from the certificate provider.

Copy the file to the server and then Import the Certificate:

http://technet.microsoft.com/en-us/library/dd351183.aspx

Once imported - you need to enable it:

http://technet.microsoft.com/en-us/library/aa997231.aspx
0
 
Sam_RendellAuthor Commented:
No i mean how do I get the pfx file from the CA.

All i have from the renewal request a .cer file.
0
 
Alan HardistyCo-OwnerCommented:
Who is the CA?
0
 
Sam_RendellAuthor Commented:
I have just renewed the certificate for my OWA server.
0
 
Sam_RendellAuthor Commented:
Sorry ment to say, I am using my own CA.
0
 
sachin5333Commented:
Verify that the server you are connecting is listening on the SSL port. Ensure that you can connect to the server over SSL using Internet Explorer on the device.
0
 
Alan HardistyCo-OwnerCommented:
@sachin5333 - Your comments are not helping - please read the question carefully.
0
 
sachin5333Commented:
You need to install the Certificate on the device and then it will work.

Please check below article.

http://www.pocketpcfaq.com/faqs/activesync/exchange_errors.php
0
 
sachin5333Commented:
@alanhardisty: I need to confirm it from the author. Please check my earlier comment.

0
 
Alan HardistyCo-OwnerCommented:
Ah - okay - then please visit the page where you download your certificate from IE.  Re-download the certificate and then install it.
0
 
Sam_RendellAuthor Commented:
We have confirmed that the error goes away with a new cert. So what I need to know now is how to get the renewed cert to work. I have removed it from the OWA box now I need to readd it. But IIS and Exchange both want .pfx files to import a cert. The question now is where do I get that.
0
 
Alan HardistyCo-OwnerCommented:
You don't have to import a .PFX file - a .CRT file is fine.
0
 
Sam_RendellAuthor Commented:
The certserv page only offers the cert. in DER or 64bit both of which are .cer files
0
 
Alan HardistyCo-OwnerCommented:
That's fine.
0
 
Sam_RendellAuthor Commented:
I have tried using the .cer file that was generated for the renewal and it says there is no key included and it does not import.
0
 
Alan HardistyCo-OwnerCommented:
Are you importing via the Exchange Console or Shell?
0
 
Sam_RendellAuthor Commented:
EMC I also tried through IIS.
0
 
Alan HardistyCo-OwnerCommented:
Please use the Exchange Management Shell:

Import-ExchangeCertificate -Path c:\certificates\certificatename.cer

Does that work without error?
0
 
Sam_RendellAuthor Commented:
It doesn't like the -Path switch apparently...

Stupid EMS
0
 
Alan HardistyCo-OwnerCommented:
Have you changed the path to reflect the path your certificate has been copied to?

If you copy the cert to c:\ and it is called certificate.cer then you run:

Import-ExchangeCertificate -Path c:\certificate.cer

Is it any happier?
0
 
Sam_RendellAuthor Commented:
Yes I changed the path :)

I am sorting a proper cert for this it is something I wanted to do anyway.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 10
  • 10
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now