1 Reply Latest reply: Aug 6, 2010 7:02 PM by wapstar
wapstar Level 1 (0 points)
I've read a lot of materials/posts over the last few days trying to get our MS Exchange Server (ActiveSync) to work with both iPhones and iPads with SSL turned on at the server level.

Qualifications: tech savvy but definitely not an exchange expert.

Setup: We are a small business with a very simple setup for exchange, just one server with MS Exchange 2003 SP2 running on it (no front-end/back-end server setup). In addition we have a dedicated BES server for our Blackberries, a SQL server and some other stuff, but exchange is just on one box.

The exchange server was originally set to not use SSL and under that setting we can connect iPhones/iPad with no problem and get mail/contacts/calendars to sync (through OWA). However, not using SSL is not an option for us.

After creating/installing our own SSL certificate using CA and installing the certificate on the devices (through email) we are not able to connect to the server. The certificate is working properly for OWA when we access through a web browser. (We used the following instructions to create/install the certificate: http://www.msexchange.org/tutorials/SSLEnabling_OWA2003.html)

When I look in the event log on the server I see the following error:

Event ID: 3029
Description: The mailbox server ( servermydomaincom ) has its ( exchange ) virtual directory set to require SSL. Exchange ActiveSync cannot access the server if SSL is set to be required.

I found this support doc http://support.microsoft.com/kb/817379 which shows a couple of possible resolutions to the problem.

I don't think Method 1 is an option for us as it sounds like a lot of changes to our overall configuration. Method 2 might work, but I would like to get some feedback from people that have tried it or have found a better solution to this problem.

Any suggestions/insight would be greatly appreciated.

Message was edited by: wapstar


iPad/iPhone/MacBook Pro/PowerBook...
  • wapstar Level 1 (0 points)

    We went ahead and made the changes suggested in Method 2 in the above referenced Microsoft KB 817379.

    It worked, we are now able to connect to the server with SSL checked on the server and everything works.

    However, we are only able to get it to work using "Ignore client certificates". We tried using "Require client certificates" and installing the client certificate on both our iPads and iPhones, but they will not connect. We can, however, get this to work on the regular browser-based OWA with client certificates installed.

    Can someone help us figure out how to issue and install the CA client side certificates on the iPhone/iPads so we can get this to work?