ActiveSync with Certificate-Based Authentication
We are trying to setup ActiveSync with certificate-based authentication against Exchange 2010 SP2, but with no luck.
What has been done so far:
- OWA over https works fine. A public, trusted certificate is in place.
- Setup ActiveSync against this Exchange server: works fine, using user name/password.
- Issued a user cert, signed with an internal CA, CA-cert successfully imported into al client devices.
- Created a new OWA-site with cert-based authentication (just to make sure it works), imported user certificate into a mac, visit this OWA site - cert-based authentication works fine.
- Now, with the configuration utility, created configuration profile with that user cert and an ActiveSync account, left password blank and chose the imported cert (p12) as authentication means.
After installing that last profile the device keeps asking for a password and refuses to synchronize. Logs on the server show error 401.2, so I assume iPhone is ignoring the cert and is trying to use password-authentication instead.
The devices tested were iPhone 3G with IOS 4 and iPad 2 with IOS 5.
Any help will be greatly appreciated.
Roman.
iPad, iOS 5, also iPhone 3G