Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Exchange/PowerShell SSL certicate error

Posted on 2013-05-23
4
Medium Priority
?
2,170 Views
Last Modified: 2013-05-25
We are using MDM (Mobile device Management) solution (SaaS), which enables ActiveSync on users mailbox when user provision devices in MDM. The process had been working until last week. Now MDM solution console is generating below error message and PowerShell is not executed for any new devices provisioned in MDM:

Error message:
Exception Message: Connecting to remote server failed with the following error message : The server certificate on the destination computer (XXX.test.com:443) has the following errors:  The SSL certificate could not be checked for revocation. The server used to check for revocation might be unreachable.

There was recently a change implemented on Exchange/CAS server. The IIS for client certificates was set to "Ignore" in SSL Settings for ActiveSync folder. This was implemented because existing ActiveSync users were getting 403 certificate error on devices. Implementing the change resolved the connectivity issue for existing MDM provisioned devices

Not sure if the above changes has impacted executing powershell. But the error is now generated for executing PowerShell for new devices enrolling in MDM solution.

We are using Exchange 2010

Any resolution or solution will be appreciated
0
Comment
Question by:lbeach94
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 12

Accepted Solution

by:
Julian123 earned 1500 total points
ID: 39193252
This can be caused by failure to connect to the certificate revocation list. Here are a couple of causes and options: http://exchangeserverpro.com/exchange-2010-certificate-revocation-checks-and-proxy-settings/
0
 

Author Comment

by:lbeach94
ID: 39193273
Thanks for the quick response. Where are these settings applied , on Exchange/CAS server ?
0
 
LVL 12

Expert Comment

by:Julian123
ID: 39193286
For ActiveSync, should be the CAS. I'd check the mailbox too if the CAS doesn't do it as I'm not sure offhand what the MDM server is connecting to.
0
 

Author Comment

by:lbeach94
ID: 39193296
MDM server connect to CAS servers to run powershell for user mailbox. The error generated is on MDM connectivity server
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question