Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Activesync connection issues post server migration

Posted on 2013-05-20
4
Medium Priority
?
597 Views
Last Modified: 2013-06-09
Nearly at the end of a long and somewhat painful migration from SBS 2003 to Server 2008 with Exchange 2010.  Both servers are still online but mailboxes have been moved to the new server and all Exchange services disabled on the old server.  Mail is moving fine in and out of the office but we are having some issues getting iPhones synched to the Exchange server.

Using Microsoft's Remote Connectivity Analyzer and testing for Exchange Activesync yields the following which seems to indicate that the SSL certificate from the old server is being picked up.  (I've modified the names for privacy).  

ExRCA is testing Exchange ActiveSync.
       The Exchange ActiveSync test failed.
       
      Test Steps
       
      Attempting to resolve the host name mail.ourdomain.com in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 443 on host mail.ourdomain.com to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Test Steps
       
      ExRCA is attempting to obtain the SSL certificate from remote server mail.galarneauassoc.com on port 443.
       ExRCA successfully obtained the remote SSL certificate.
       
      Additional Details
       Remote Certificate Subject: CN=mail.ourdomain.com, CN=companyweb, CN=gals1, CN=localhost, CN=sbs2003.ourdomain.com, Issuer: CN=mail.ourdomain.com, CN=companyweb, CN=sbs2003, CN=localhost, CN=sbs2003.ourdomain.com.
      Validating the certificate name.
       The certificate name was validated successfully.
       
      Additional Details
       Host name mail.ourdomain.com was found in the Certificate Subject Common name.
      Validating certificate trust for Windows Mobile devices.
       Certificate trust validation failed.
       
      Test Steps
       
      ExRCA is attempting to build certificate chains for certificate CN=mail.ourdomain.com, CN=companyweb, CN=sbs2003, CN=localhost, CN=sbs2003.ourdomain.com.
       A certificate chain couldn't be constructed for the certificate.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       The certificate chain didn't end in a trusted root. Root = CN=mail.ourdomain.com, CN=companyweb, CN=sbs2003, CN=localhost, CN=sbs2003.ourdomain.com

How do I get the activesync to detect / acknowledge the certificate from our 2008 server?  Should I be purchasing and installing a certificate from a certificate authority ( will this make my issues go away?)
0
Comment
Question by:Lisaa_G
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 16

Expert Comment

by:Postmaster
ID: 39183334
does the external URL lead to a 2010 CAS server?
0
 
LVL 23

Expert Comment

by:Malli Boppe
ID: 39183484
Do you have a UC certificate install  on the CAS server with the following domains.


CASservername.domain.com
autodiscover.domain.com
webmail.domain.com

Is the CAS server configured  properly for all the virtual directories. Has firewall changes been done  so that any traffic for webmail gets forwarded to exchange 2010 CAS server
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 39183524
I always install a 3rd party SSL certificate for my installations and as soon as I do, Activesync works immediately afterwards.

Your problem is the self-issued SSL certificate isn't trusted and a 3rd party cert will cure that problem.

A GoDaddy SSL cert will cost you about $90 for a year for a SAN cert or a GoDaddy reseller cert will cost you $60, so the cost is minimal and it means it will work.

Alan
0
 

Author Closing Comment

by:Lisaa_G
ID: 39233306
Sorry for the delay getting back to you - ended up with a few other minor problems that needed to be addressed but this solved the problem.

Thank you!!!!
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
On September 18, Experts Exchange launched the first installment of the Help Bell, a new feature for Premium Members, Team Accounts, and Qualified Experts. The Help Bell will serve as an additional tool to help teams increase question visibility.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question