|
|
|
date: Tue, 8 Apr 2008 13:45:07 +0000 (UTC),
group: microsoft.public.exchange.mobility
back
Re: Host Headers and Mobile Devices - Sync issues?
Thank you - I guess I didn't realize you could have a cert with a common
name different than the server name. However, how do I got about now and
requiring SSL using 128bit encryption. I have standard 443 port open for
https, and my mobile devices can now sync, but if I check the box for "Require
Secure Channel" and "128bit encryption" and then try and sync my device,
it doesn't work. I had this box checked on my previous server with no problems.
The only difference is the cert doesn't match the actual server name any
more.
Do I check the box for "require secure channel" on the default website and
propagate down, or just on one of the subsites under the default website?
Thank in advance!
Sara
> "Sara L" wrote in message
> news:28ab41d128d908ca66dc9523a9c5@msnews.microsoft.com...
>
>> Has anyone had any luck using host headers in their Exchange IIS
>> settings (Windows 2003 R2, Exch 2003 SP2) and having their mobile
>> devices sync successfully? I tried using a host header and
>> implementing SSL, but cannot do so. I wanted to use my existing cert
>> that I have, and wanted to use a host header since my new email
>> server has a different name than the cert.
>>
> You don't need to use a Host Header, just get your users to use the
> server name that matches your certificate, and they won't get the name
> mismatch warning. Host Headers always seem to break OMA and
> ActiveSync, and there isn't a fix for it.
>
> Lee.
>
> Outlook Web Access For PDA , OWA For WAP
> www.leederbyshire.com
> email a@t leederbyshire d.0.t c.0.m
> ______________________________________
date: Tue, 8 Apr 2008 13:45:07 +0000 (UTC)
author: Sara L
Re: Host Headers and Mobile Devices - Sync issues?
The easiest thing is to not actually require SSL on the server, but only
open port 443 on your firewall. SSL will still work on the server, even if
you haven't actually ticked that checkbox. The reason it's easier that way
is that requiring SSL on the Exchange Virtual Directory in IIS Manager
breaks both OMA and ActiveSync, which need to connect to that Exchange VDir
on port 80 only. If you absolutely need to require SSL on Exchange, then
you will need to follow the procedure in the MS document KB817379 .
Lee.
"Sara L" wrote in message
news:28ab41d1293168ca676bfb9627b2@msnews.microsoft.com...
> Thank you - I guess I didn't realize you could have a cert with a common
> name different than the server name. However, how do I got about now and
> requiring SSL using 128bit encryption. I have standard 443 port open for
> https, and my mobile devices can now sync, but if I check the box for
> "Require Secure Channel" and "128bit encryption" and then try and sync my
> device, it doesn't work. I had this box checked on my previous server
> with no problems. The only difference is the cert doesn't match the actual
> server name any more.
>
> Do I check the box for "require secure channel" on the default website and
> propagate down, or just on one of the subsites under the default website?
>
> Thank in advance!
>
> Sara
>
>
>
>> "Sara L" wrote in message
>> news:28ab41d128d908ca66dc9523a9c5@msnews.microsoft.com...
>>
>>> Has anyone had any luck using host headers in their Exchange IIS
>>> settings (Windows 2003 R2, Exch 2003 SP2) and having their mobile
>>> devices sync successfully? I tried using a host header and
>>> implementing SSL, but cannot do so. I wanted to use my existing cert
>>> that I have, and wanted to use a host header since my new email
>>> server has a different name than the cert.
>>>
>> You don't need to use a Host Header, just get your users to use the
>> server name that matches your certificate, and they won't get the name
>> mismatch warning. Host Headers always seem to break OMA and
>> ActiveSync, and there isn't a fix for it.
>>
>> Lee.
>>
>> Outlook Web Access For PDA , OWA For WAP
>> www.leederbyshire.com
>> email a@t leederbyshire d.0.t c.0.m
>> ______________________________________
>
date: Tue, 8 Apr 2008 16:29:55 +0100
author: Lee Derbyshire [MVP] email a@t leederbyshire d.0.t c.0.m
|
|
