Ok, I got my G1 a couple days ago and it's absolutely one of the coolest things I've ever used... I loved my Wing and MDA that I've used the past few years but this just absolutely blows them away. As soon as it gets an exchange connector and longer battery life(!!!!!) it will be perfect. (I've had it for 2 days and have had to fully charge it 4 times.. and the GPS and Wifi are normally off).
Anyway, to the point, I have a couple of email servers that I run with self-signed certificates over secure imap (port 993). It allows me to choose secure imap but apparently does not appreciate the certificate I created since it comes back and tells me its invalid (because of the unrecognized certificate authority although it doesn't state that specifically). I haven't dug down into it much yet (hoping somebody might already know the answer) but there has to be a way to tell it to accept the certificate anyway (just like any other email client on the planet). Ive opened up 143 so I can at least get email (and it works beautifully!) but I would really much rather have an encrypted connection.
So, if anyone out there might know, I'd appreciate a push in the right direction.
Thanks!
self signed email server certificates solution
bytesniper,
A recent arcticle on http://www.androidinmymobile.com has information about the new experimental fork of the mail client called K-9, and it works with self signed certificates. At last secure imap
Dazza
self signed certs
Not only does it support self-signed (and other, e.g., mismatched hostname) certificates, but webdav (a.k.a. Exchange) support will be available shortly. I'm already running a developer version of it on my g1, and it works nicely.
Related
My company runs an exchange server for email, and I was wondering if anyknow knows how to connect to them, using the mogul. I went through the setup on the phone, with no success...Are their any additional steps required to connect to the server when you are not on the same network as the server?
Missing Certificate ?
I think you'll have to install the certificate from your Mailserver on the phone to get it working.
Do you get any active-sync error code when you're trying to sync ?
In general you get an error-code in ActiveSync which is telling you what's wrong...
IMHO the best idea would be: aks your IT-Stuff in your company
you need to add a server in active sync with your companys exchange server addy and your username/password
To be clear you need to enter your companies OWA server address. At most small companies this is your Exchange server and at most large companies it is your ISA server.
Example:
You access OWA using https://exchange.mycompany.com/exchange
You enter: exchange.mycompany.com in the activesync settings and you use your username, password and domain to authenticate
You also need to make sure Outlook Mobile Access is enabled on the Exchange Server and on your Exchange Mailbox. You will need to contact your IT Admin to verify these settings.
I'm in the same boat as the OP. I had been trying to hit the mail server directly or via VPN, with no luck, probably due to no certificate. Never thought about OWA. I set this up as indicated in the prior post, and checked 'Tasks' only (just to run a quick test), and it sync'ed fine. I then checked email and calendar, and now it takes me to a company sign-in web page (same page I encounter when using web access to OWA). Weird thing is the page is in the ActiveSync window and does not appear to be rendering correctly or completely (e.g. no 'submit' button). Nonetheless, I sign in and click where the submit button "should be" and the page goes away and it appears to start syncing, only to take me back to the sign-in page again after 15-20 seconds. Any suggestions on how to get past this point? I've tried logging in to OWA from IE, but ActiveSync still brings up this sign-in page. And yes, I've got my userID, pswd, and domain properly set up as well. Thanks.
BTW, my company IT won't help because they only support handheld access for specific company-issued devices.
try using mail.yourcompanymailserver.com/oma
its a lightweight version that handles easy in mobile browsers (only if your IT guys have enabled it)
as for the OP your exchange settings could vary depending on how your admin set it up, ssl (requiring a certificate) or not. to get the certificate from your company you can dl it from the server mail.yourcompanymailserver.com/cersrv
you log in using your mail credentials and you select download certificate chain and select a der 64.
save it to your phone and just install.
chances are though if your company is using a lot of treo's they dont require ssl because you can't install self issued certificates on them (good work palm). so if you want to ask your IT guys their setup and post it here i can try to walk through it with you.
this is my situation and how i got it to work.
Although i tried to internal address of 1x01po2s.domain.name, that didn't work.
I thought about it for a while, and reasoned if i can access my companies exchange server outside the network through a http://mail.domain.name address, then maybe that'll work hahaha
BAM! it did and now it works perfectly fine. Conincidentally, since i started trying to get this going last week, i emailed a few guys i know and the last one who got my email (it was forwarded to try to solve the problem) said that because of security policies, i am not allowed to do this. Ooops!
Here is a quick run down of my settings:
server address: mail.domain.name
ssl is selected (checked)
username: exchange/nt workstation login name
password: user password
domain: network domain (we have different domains)
save password is selected
under advanced you can select whatever options you like
next select e-mail, and any other options you want
and you're done!
I also enabled the push email icon and get my email regularly on my phone throughout the day.
Well, i hope that this helps some of you out.
server address: mail.domain.name
Click to expand...
Click to collapse
just so folks know there is no standard for this, its whatever subdomain your company decided to put OWA on, for my company its webmail.companywebsite.com
best thing to do would be to ask someone in your company how to access email from outside the office using internet explorer, thats the address your lookign for
Sprint mogul (Titan) WM6.1 Rom update killed exchange server activesync
(Sorry in advance for the long Email) I purchased a Mogul from RS about three weeks ago. For the first week, it worked great! I logged into my company exchange server down loaded and synced email, cal,contacts,tasks ... was very excited. I also got very excited when I started t read threads in this blog .... it seems like there are some pretty smart members maybe someone can help!!
Noticed that there was a new Rom (Sprint TV and improved connection) installed the ROM.
Have spent endless hours with HTC technical support, sprint technical support (not an appropriate name). At times managed to get the email to load but never again Cal, Tasks, contacts. Always able to get sent emails to load (by checking option) . I'm left with a couple of alternatives (any others would be greatly appreciated (actually I really like this phone but I need my email,schedule,etc to work) The error is 0x8503001C there is no exact description about this from MSmobile it seesm to be an awh**** code. Searching on the web provides 1000s of hits unfortunately not just my issue.
o Go to an early Rom WM6.0. So far it seems like to do this I need to unlock the phone then flash the earlier rom?? Since no SIM card I need to hack the registry?? There are several products out there which is best (I do not mind paying for somethng that works well). I down loaded several "Oficial ROm versions ... unfortunately did not write down the number of the one the phone came with.
o Find some way of getting this thing to work well to keep the extra features
o My grace period ends in a week ... cancel with Sprint go to Att but there is not a 3G phone I like ... only Iphone ... it has issues for exchange server??
o I got my wife a Touch at the same time (it runs WM6.1) same issue. Downloaded once my corp email no cal, etc.
o I was told that this Rom was cooked up by MS & Sprint what a disaster
Please, please help ... Thanks in advance
Scurfer
Exchange email and Skype not working after Upgrading Sprint Touch to Wm6.1
The Exchange activesync died at connection and never can sync my company emails after I upgraded Touch to 6.1 Sprint/HTC ROM. Skype also does not work, no sound after first ring, even with 2.2.0.45. I like the GPS and Rev.A speed, and do not want to risk downgrading the ROM. Anybody encounter ssimilar situation?
In my work to access OWA I need passcode(RSA, that is a pain in the ass if your connection is cut), and due to the security policy of my work, I can't access the Exchange e-mail account in the android (is on a Exchange server 2003 SP1, with forced password policy, that prompt for password every minute without use and wipes everything, when two many times the password is wrong)
iPhones and WM based devices they are activated normally throw the same server address to exchange mobile service (with the security police enforced), but (i think) due to the unlock pattern tech, that there's no password and security sucks, I just can't configure it.
Even the Radius server blocks my nt account after a few attempts.
On the other e-mail with the Exchange server 2007 SP1, no policy, it works great..
I love android and I don't really like the idea of coming back to a WM or trying a iPhone or maybe a Blackberry since we have a BES too..
On the WM devices I installed a program that remove the annoying requesting always for password without removing the certification stamp that I'm following the policy...
Somebody came up with something like this for android?
Is something it can be worked around on future developments?
Any idea on working around on my issue?
Simply install something like Touchdown....
In any case.. this is not really a development question.
Hi all,
We have some HTC Hero's in my office and they have been connecting fine to the MS Exchange Servers for our e-mails fine through active sync.
But yesterday the IT Guys updated the Security Certificates and now we get an error message telling us that the site is not trusted anymore.
We have been sent some updated certificates for windows mobile phones, they are .p7c file, and some files called certificate.cer and intcertificate.cer.
My question is do these files work ok on the android O/S and they arent going to mess up the phone?
Thanks for any support you can offer,
I've not had a problem like this following our exchange certificates being updated. They've just worked
Only thing I could suggest is that you have SSL turned on in your exchange account settings on the Hero.
Hi,
In my organisation, the certificate for OWA is signed by a self signed CA. The first time I synched my Hero, it told me the certificate was invalid. I clicked on the Allow button, it never bothered me again.
I didn't find anyway to import external certificate (CA or server), but it doesn't seem to be needed.
Hi,I have the same question about sync to exchange2007.
At first ,you choice the allow button,it not bother you only at the live session.
If you restart you Hero, it told again, It's so unconfortable.
How to join the .cer file in the android? If the system believe the .cer,maybe it's working well.
Does anyone know the answer to this one?
I have a HTC Fuze on AT&T running the 6.5 Energy Rom. I also had this issue when running stock 6.1.
My work network is configured primarily for Blackberries, as that is what they provide for certain privileged employees. The policy is that that employees may sync their personal devices with the Exchange server, however their is no support provided. Everything was working fine until their security certificate recently expired. I contacted the network guys about this and they assured me that they would be renewing the certificate... eventually. There is no rush for this to happen and it could very well take months.
I am unable to sync my mail or calendar currently, as WM 6+ apparently does not give you the option of ignoring an expired certificate. I DO have the certificate installed, as everything was working fine before.
Does anyone know of a way to disable certificate "validation" on WM 6+? I have tried some of the tweaks and such mentioned for earlier versions, but it appears they are not valid on 6+
thanks
I apologize for bumping this, but I still have not been able to find a solution to this. I have found posts here and there referring to an inability to ignore expired certificates in WM 6 and later. I am hoping this is not the case. Any thoughts?
Bump. I could use a solution as well.
I picked up the focus yesterday and have run into an issue syncing with Outlook/Exchange Server 2003. I receive the error code below after the email account setup runs for a bit, I get contacts and calendar entries, then a few emails before the error is returned (everytime I try to sync later as the msg suggests). I tried finding the error code referenced on MS Support/Forums, AT&T Samsung forums, and even xda developers with no luck.
I did try a hard reset (from settings) and then recreate the account and I tried removing the hub on the start screen and then deleted the account and recreate same error every time.
Samsung Tech Support suggested that I add the same Certificate on my Server to the phone, Did so - still, no luck.
Anyone see this error/issue?
Outlook Error
Not Updated
We're having a problem syncing your
information. Try again later.
Last tried about a minute ago
Erro code: 8500201C--------------------------------------------------------------------------------
Mine has worked flawlessly. Sounds like you did everything I would have suggested except return and get a replacement phone.
I had that problem. the cause of mine was to have the SSL turned on. After I created the account, I went to setting>email and choose the outlook account, clicked on advanced, then scrolled down and uncheck the SSL checkbox. All worked perfect after that. although I guess I am not super secure.. but anyone that wants to hack and read my email.. feel free pretty boring.
It is obviously a software issue. How can a replacement phone solve any problem.
If your exchange server does not use public certificates (the ones that your company has to pay for), or the certificate comes from some publisher that WP7 doesn't know about, it will be touch to set it up. For one, import the server certificates directly does not work. In the past with WM phones, MS suggests you need to import the root certificate instead. So, see if you can find the root certificate for it.
agreed - was able to get Corporate Store to allow me to try settings on another Focus, with same results.
can see the Folders on my Outlook (some are unique to my Exchange Server), so we know that we are nearly there. little more tweaking, and also, update to a new Server,
but, that might not be for week or so, so if anyone has solutions, would be much appreciated.
I had problems with mine and worked with our Exchange admin. We found it was the encryption part of our policies. Both Device and Storage card encryption parts of the policy have to be turned off. After some research this is correct and expected to be fixed in Early 2011 when Microsoft starts pushing this for business.
Oh it also does not support alphanumeric passwords at the moment:
http://social.answers.microsoft.com/Forums/en-US/windowsphone7/thread/ee2ecd48-89bf-4e8c-b48e-553967517a4d
Here is the one about encryption:
http://social.answers.microsoft.com/Forums/en-US/windowsphone7/thread/7c4329c9-9f51-4184-8f48-5d4bc5c6269e
cwiley2566 said:
Oh it also does not support alphanumeric passwords at the moment:
http://social.answers.microsoft.com/Forums/en-US/windowsphone7/thread/ee2ecd48-89bf-4e8c-b48e-553967517a4d
Click to expand...
Click to collapse
That is really strange because my HTC Surround took my alpha numeric password just fine for my exchange email. Haven't had any issues with it at all.
Do you mean a password for the domain or the screen lock password? They are talking about the policy that requires a alpha numeric password (or not allowing simple passwords) for unlocking your screen. Our company allows simple passwords (just numbers) so I didn't see the problem.
We don't have a certificate,and all I had to do was go to advanced and turn off encrypted SSL connection ( I also have alphanumeric and symbol password for exchange)
I am referring to the screen lock policy in Exchange. Of course alphanumeric and symbol passwords for exchange/domain authentication will work.
Installing SSL Cert (quick and dirty)
Email your server's SSL cert to a GMail account. Hotmail blocks the attachment as an unsafe filetype.
Open the attachment and Phone7 should ask you if you want to install. Go back and set up your Outlook account.
Got mine working on Exchange 2003 even after the error messages
This happened to me as well. We have an Exchange 2003 server and what I did was go to "email and accounts" on the phone and went through the proccess and setup everything correctly but still got the error messages.
Now this is what fixed my issue (strange). I got out of the "email and accounts" and went into all programs list and opened "Outlook" , from there I put the settings in again for my account and presto, it just started working and syncing.
I did 2 phones likes this already and it works. Dont ask me how, but it does.
Hope this helps OP and anyone else using Exchange 2003.