Active sync to mobile phones stopped working

Posted on 2013-11-18
Last Modified: 2013-11-20
We moved a 2003 exchange email server to another location and changed the mx records to point to the new location.  The email and web email all are working.  I am getting a certificate error on the website and the mobile devices, however that does not seem to be the problem. The mobile phone seem connect to the exchange server and send back a message that the certificate has a problem. The name of the site does not match the name of the certificate. I say continue and then get unable to connect to server.
I go into iis Microsoft-server-activesync and when a change anything authentication methods I get different errors (this tells me that my phone is getting to the server).  The settings I have now in directory security and the authentication access control are basic authentication checked.
Question by:DaveGerke
  • 3
  • 3
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39657927
If you are getting SSL errors then that is the problem - ActiveSync is very sensitive to SSL problems on most devices.
Is it a trusted SSL certificate? If not it should be. Have the host names involved changed?
If you browse from a desktop to the host name that you are using, do you get the SSL prompt? If so, look at the SSL certificate. Is it the correct one?


Author Comment

ID: 39657957
We had ssl errors before I moved servers and webmail works with the DSL error. I have punted working on this and have paid Microsoft $300 to fix. Have been on phone for two hours
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39657963
Webmail will work with SSL errors, activesync cannot cope with the certificate prompts.
A trusted SSL certificate is $10, would save a lot of the hassles.

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!


Author Comment

ID: 39659550
I was just going to use the built in certificates from exchange on the server.  I pay about $200 a year for SSL certs for other websites we have. Where can I get a $10 SSL cert.  Do I need to buy the cert for my website email address or my exchange server ZEUS?  Not sure how to install this and will need to do some reading.  Thanks for the help.
LVL 63

Accepted Solution

Simon Butler (Sembee) earned 500 total points
ID: 39664178
There is no need to pay $200 for a certificate.
You can get certificates for $10 from GoDaddy, which are trusted by most mobile devices. If you don't want the GoDaddy name on the certificate then find a reseller account - they use the same certificates just without the GoDaddy name.

On Exchange 2007 and higher the self signed certificates are not supported for use with ActiveSync.


Author Closing Comment

ID: 39664201
This was helpful and I had Microsoft fix the problem that had to do with a internal IP number in my IIS owa granted access list. I just missed it when I moved the servers.  I was asking if the $10 certificate was a year term. I can find that all out by just visiting the site for go daddy or geotrust who I use now. I'm not sure why I am paying so much I will research.  I did not realize all SSL certificates were the same.  This was really a side conversation on my problem and I will give the points to this item which I need to address anyways to have a cleaner system.

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
php mail headers 2 13
Sendmail STARTTLS error 37 43
Circular Logging 2 32
Exchange 2013 cannot find discovery search mailbox 10 23
Resolve Outlook connectivity issues after moving mailbox to new Exchange 2016 server
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Familiarize people with the process of utilizing SQL Server stored procedures from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Micr…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now