Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Problem syncing HTC PocketPC
  •  
fpavon

Messages: 18
Karma: 0
Send a private message to this user
Hi. I'm probing syncronization between HTC Pocket PC with Windows Mobile 5.0 and Kerio Mailserver 6.4.1. I've installed a self-generated certificate in the device, and it appears in root certificates. No firewall problem (it's well configured). I use SSL encryption. But when I try to sync, the error 0x80072F17 occurs. My domain is emvisesa.org, and the certificate that I created in the server is :


* Name : server2
* Issuer : emvisesa.org
* Subject : emvisesa.org
* Expires : 11/09/2008

What is wrong? is the problem the certificate?

With regards
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
The error 0x80072f17 is for an unsupported digital certificate.

It was a very simple Google search.
  •  
fpavon

Messages: 18
Karma: 0
Send a private message to this user
Yes. I knew that. But how must I create the certificate? In the device I could download it with INternet explorer, and it was registered. I can see it in the device's root certificates. Must I use 'intermediate' certificate?

With regards
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
'By default' you cannot install root certificates in Windows Mobile 5. Did you perform the necessary steps to overcome this perhaps overly protective 'feature' of Win Mobile 5?
  •  
fpavon

Messages: 18
Karma: 0
Send a private message to this user
I downloaded regeditSTG.zip, unpacked it, copied it to the device, executed it and changed the values as I read in the Kerio manual (http://www.kerio.com/manual/kms/en/ch34s04.html). Later I downloaded the certificate from my server in the device, it was installed without problem, but I'm not able to sync.

How must I create the certificate in Kerio mailserver? Is there any 'correct way'? What about 'intermediate' certificates?

With regards
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
Are you able to connect to the HTTPS interface from Internet Explorer on the device without any warning?
Is the subject (hostname) in the certificate exactly same as the hostname you entered in ActiveSync account settings?

Intermediate certificate is not necessary, self-signed certificate is sufficient.
  •  
fpavon

Messages: 18
Karma: 0
Send a private message to this user
I can connect to the HTTPS service from Internet Explorer without any warning, even I can login to Kerio webmail from the device.

In the activesync configuration, the server name is my public IP because I do not have associate the domain name with my public IP.
And the certificate's subject is emvisesa.org (the domain name).

Is this the problem?

With regards
  •  
My IT Indy

Messages: 1262
Karma: 40
Send a private message to this user
Set up DNS for your domain and the issue will probably go away.

-
My IT Indy
Kerio Certified Reseller and Hosted Provider
http://www.myitindy.com
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Certificates can only apply to domain names, not to IP addresses. Browsers may not be so strict in applying these 'rules', but Activesync is.

Well meant tip: self-signed certificates are only valid for 1 year, so also make sure to create a new certificate and update your smartphones in time, or else that will break your connection in due time...
  •  
fpavon

Messages: 18
Karma: 0
Send a private message to this user
Must I create a host entry in my device for my public IP and the server name?
  •  
MareleSef

Messages: 8
Karma: 0
Send a private message to this user
1. Make sure that your Kerio Mailserver runs on the default http/https ports (depending on the connection type you select). ActiveSync will always connect to the default port even if you specifie other ports in the server address field.

2. Install the certificate automaticly issued by kerio mailserver: http://mail.company.com/server.cer (http://www.kerio.eu/manual/kms/en/ch34s04.html).

3. Make sure that the Server address in ActiveSync it's identical with the certificate you have installed.

I have it fuctional on a WM6 HTC P3600.
GL.

[Updated on: Thu, 13 September 2007 13:19]

  •  
fpavon

Messages: 18
Karma: 0
Send a private message to this user
The problem has been solved.

Thanks to all
Previous Topic: Asterisk v-mail and ldap with Kerio
Next Topic: Split Mail Server
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 20:37:32 CET 2017

Total time taken to generate the page: 0.00472 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.