Hi, we use Windows 2003 mobile devices in our organisation which receive email from our Exchange 2003 SP2 server. When I set up a new device I need to install a certificate on it in order for it to be able to sync. This certificate is due to expire soon. I know a little bit about IIS but does anyone know what I need to do to create a new certificate for our OMA devices or where I can find some instructions. I havent had much luck with google so far but maybe they arent referred to as client side certificates?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
OMA certificate about to expire 1
- Thread starter ouzojd
- Start date
-
1
- #2
ShackDaddy
MIS
If you begin the process of renewing the cert from the people that provided it, you are usually provided instructions for installing the cert on your server.
Typically you have to request a new cert from within the IIS security settings for your site. That causes a cert-request file to be created. You give that to the cert provider, and they in turn give you a file that you import using the same IIS Security settings config area. You would then need to distribute that cert in the same fashion that you currently distribute your existing cert.
Here's a renewal walkthrough:
ShackDaddy
Shackelford Consulting
Typically you have to request a new cert from within the IIS security settings for your site. That causes a cert-request file to be created. You give that to the cert provider, and they in turn give you a file that you import using the same IIS Security settings config area. You would then need to distribute that cert in the same fashion that you currently distribute your existing cert.
Here's a renewal walkthrough:
ShackDaddy
Shackelford Consulting
- Thread starter
- #3
OK, thanks. I've actually done that before for a SSL site at my old job but I thought this may be different been that the cert has to be installed on the mobile devices in order for them to authenticate.
I guess my other concern is if I create a new certificate (not through verisign or similar but generating my own) will the mobile devices currently using OMA stop working until I manually install the new certificate on them?
I guess my other concern is if I create a new certificate (not through verisign or similar but generating my own) will the mobile devices currently using OMA stop working until I manually install the new certificate on them?
ShackDaddy
MIS
Yes, they will stop working till you install the new certs.
GoDaddy sells a cert for $20 that will work on most mobile devices. That's what I've been deploying for the last year, since the self-signed can be such a hassle with the mobiles.
ShackDaddy
Shackelford Consulting
GoDaddy sells a cert for $20 that will work on most mobile devices. That's what I've been deploying for the last year, since the self-signed can be such a hassle with the mobiles.
ShackDaddy
Shackelford Consulting
ShackDaddy
MIS
GoDaddy uses the root Valicert, but they also have a cert path that includes the intermediate Starfield cert, so the basic cert you get from GoDaddy won't work unless you've also installed the Starfield cert.
I think maybe in some situations you also have to install the Starfield intermediate cert on the Treo's to get them to work.
ShackDaddy
Shackelford Consulting
I think maybe in some situations you also have to install the Starfield intermediate cert on the Treo's to get them to work.
ShackDaddy
Shackelford Consulting
- Thread starter
- #7
ShackDaddy
MIS
If you set them to connect via HTTP instead of HTTPS, you will be bypassing the cert.
ShackDaddy
Shackelford Consulting
ShackDaddy
Shackelford Consulting
- Thread starter
- #9
- Status
Similar threads
- Locked
- Question
- Locked
- Helpful tip
- Locked
- Question