[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Setup Droid Phone to use SSL for Exchange OWA

Posted on 2011-04-26
9
Medium Priority
?
1,021 Views
Last Modified: 2013-12-06
Can someone help me to get my emails pushed through my corporate exchange server using SSL.  I can only seem to get it to work with Basic Authentication.  Here is my network setup.....

1 Windows Small Business Server 2003 (running)
DC/AD
DHCP
DNS
Microsoft Exchange Server 2003
IIS 6.0
ISA Server 2004 Standard
(This server is setup using one network interface card)


I have already gotten the Certificate based SSL to work in a web browser from outside and from inside of my network.  I just haven't gotten it to work on my droid.  I tried using the email application that comes with the phone and also using a program called Touchdown and both do not work. They give me the error of....

"Setup could not finish
Unable to open connection to server"


But if i type the exact same address into a web browser from outside of the network It works just fine.  And on my phone if i take away the "Use secure connection (SSL)", then my emails get pushed perfectly, but they are not encrypted when they are sent from the exchange server.

If you need anymore information just let me know and i can provide it.  I let out a bunch of stuff because i did not know if it was relevant.  All I really want is for the information to be encrypted as it passes from my exchange server to my phone and vice versa.  I would be open to suggestions if someone has another way that i could achieve this.  Any help would be greatly appreciated.
0
Comment
Question by:palmerc12
  • 4
  • 4
9 Comments
 
LVL 8

Expert Comment

by:thetmanvn
ID: 35472768
Hi palmerc12,
What's your android version?
Do your exchange use self-signed ssl certs?
If you use self-signed certs, then when configure your exchange connections on your phone, did you tick the option Accept all SSL Certificates? Try it if you didn't.
If your phone is Android 2.1, it seems the only way to get ssl working with self-signed certs. You can look here:
http://blog.brightpointuk.co.uk/quick-look-android-21s-exchange-support
Hope this help,
T-Man
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 35473206
Make sure your ISA 2004 box is runninf ISA2004 SP3 (should hope so, it has been out years and 2004 will be unsupported soon).
Are you running sbs2003 premium - and the ISA is on the DC?
The same listener for OWA is also used for Activesync and oma it is just the settings of the IIS and the publishing rule that change.

I'll assume for the moment that you have used all the correct wizards and not hacked the config about but this is the best guide I have ever found.
http://technet.microsoft.com/en-us/library/bb794845.aspx
0
 
LVL 1

Author Comment

by:palmerc12
ID: 35476292
Thank you thetmanvn

What's your android version?
My Android version is 2.2.2

If you use self-signed certs, then when configure your exchange connections on your phone, did you tick the option Accept all SSL Certificates
Yes, I am using self signed certificates.  I tried the option to "Accept all SSL Certificates" and i got the same error as before

0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 1

Author Comment

by:palmerc12
ID: 35476409
Thank you Keith!!

Make sure your ISA 2004 box is runninf ISA2004 SP3 (should hope so, it has been out years and 2004 will be unsupported soon).
Yes my Version is 4.0.2167.887.  Which I believe is ISA Server 2004 Standard SP3

Are you running sbs2003 premium - and the ISA is on the DC?
Yes, I know that it is not an ideal setup.  It was configuration that i inherited.

I'll assume for the moment that you have used all the correct wizards and not hacked the config about but this is the best guide I have ever found.
http://technet.microsoft.com/en-us/library/bb794845.aspx

Thank you for the guide.  I make a run through it and make sure that everything is setup correctly.  I'll post my results after I am done
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35478276
For SBS it IS ideal. SBS is the only system that was designed to have ISA on the DC and has the wizards to make it integrate correctly so no issue there.
0
 
LVL 1

Author Comment

by:palmerc12
ID: 35479096
I been reading a lot lately about access rules and publishing rules.  Everything that i have read was using a multi-homed ISA Server as the scenario.  Does this mean that the rules that i created are most likely incorrect because they were based off of a different setup (Multi-Homed)?  Do you have any general advice when working in ISA on a SBS machine or any guides that you would recommend?  It's just that almost everything that I read on ISA configurations said that you lose a lot of protection by having the ISA box on the DC while also using it as a Uni-Homed Server.  Anything that you could give me would be greatly appreciated.
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 2000 total points
ID: 35479357
What you have read is correct EXCEPT from when using SBS as the host OS - as I have stated already, SBS and ISA2004 were specifically geared to work together on the same box which is why all the wizards are provided to allow it. Whilst you can get ISA tpo work on other operating DC's it is not supported - only on SBS2003 is ISA 2004 supported on a DC by Microsoft.

Yes, you lose a lot of functionality if you only have a single nic ISA/SBS installation.

No, no real guidance (you either know the product or you don't to be honest). However, the TechNet documents on ISA 2004 are excellent reading material.
You can start here if you wish but there are lots of them.
http://technet.microsoft.com/en-us/library/cc747258(WS.10).aspx


0
 
LVL 1

Author Closing Comment

by:palmerc12
ID: 35479586
Thank you Very Much for all of your help Keith!!  It's  awesome that there are people out there that take the time to explain things in detail like you have.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 35479690
Welcome :)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
Files go missing when using DFS (Distributed File System) Replication and how to recover them and fix it.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Suggested Courses
Course of the Month19 days, 18 hours left to enroll

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question