lbeach94
asked on
Exchange/PowerShell SSL certicate error
We are using MDM (Mobile device Management) solution (SaaS), which enables ActiveSync on users mailbox when user provision devices in MDM. The process had been working until last week. Now MDM solution console is generating below error message and PowerShell is not executed for any new devices provisioned in MDM:
Error message:
Exception Message: Connecting to remote server failed with the following error message : The server certificate on the destination computer (XXX.test.com:443) has the following errors: The SSL certificate could not be checked for revocation. The server used to check for revocation might be unreachable.
There was recently a change implemented on Exchange/CAS server. The IIS for client certificates was set to "Ignore" in SSL Settings for ActiveSync folder. This was implemented because existing ActiveSync users were getting 403 certificate error on devices. Implementing the change resolved the connectivity issue for existing MDM provisioned devices
Not sure if the above changes has impacted executing powershell. But the error is now generated for executing PowerShell for new devices enrolling in MDM solution.
We are using Exchange 2010
Any resolution or solution will be appreciated
Error message:
Exception Message: Connecting to remote server failed with the following error message : The server certificate on the destination computer (XXX.test.com:443) has the following errors: The SSL certificate could not be checked for revocation. The server used to check for revocation might be unreachable.
There was recently a change implemented on Exchange/CAS server. The IIS for client certificates was set to "Ignore" in SSL Settings for ActiveSync folder. This was implemented because existing ActiveSync users were getting 403 certificate error on devices. Implementing the change resolved the connectivity issue for existing MDM provisioned devices
Not sure if the above changes has impacted executing powershell. But the error is now generated for executing PowerShell for new devices enrolling in MDM solution.
We are using Exchange 2010
Any resolution or solution will be appreciated
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
For ActiveSync, should be the CAS. I'd check the mailbox too if the CAS doesn't do it as I'm not sure offhand what the MDM server is connecting to.
ASKER
MDM server connect to CAS servers to run powershell for user mailbox. The error generated is on MDM connectivity server
ASKER