In my experience the iPhone reacts very badly to a self-signed certificate. It also means you may have trust issues. When you can get a signed certificate the iPhone likes for US$30/year, it doesn't make any sense to try and get self-signed certificates to work.
Therefore my recommendations to you would be a. Get a signed SSL certificate. b. Setup a test account on your domain c. Test said test account with the Microsoft test site at https://testexchangeconnectivity.com That will confirm whether ActiveSync and the certificate trust is setup correctly. If it passes the tests on the Microsoft site, then you can go back to the iPhone and setup again. Or you could just buy a Blackberry which works straight out of the box, with very little hassle on the user's end. ;-) Simon. -- Simon Butler MVP: Exchange, MCSE Sembee Ltd. e: [email protected] w: http://www.sembee.co.uk/ w: http://www.amset.info/ w: http://blog.sembee.co.uk/ Need cheap certificates for Exchange, compatible with Windows Mobile 5.0? http://CertificatesForExchange.com/<http://certificatesforexchange.com/> for certificates from just $23.99. Need a domain for your certificate? http://DomainsForExchange.net/<http://domainsforexchange.net/> Exchange Resources: http://exbpa.com/ From: David W. McSpadden [mailto:[email protected]] Sent: 15 June 2010 19:44 To: MS-Exchange Admin Issues Subject: RE: IPhone connectivity with Exchange It is self signed. Not covered ________________________________ From: Jonathan Link [mailto:[email protected]] Sent: Tuesday, June 15, 2010 2:38 PM To: MS-Exchange Admin Issues Subject: Re: IPhone connectivity with Exchange No. Install the cert in your browser, if you haven't already, export it to a file, send the file as an attachment to an email to an address the iPhone can reach. (As I recall OWA didn't work, I had to send it to my gmail account.) Tap the file, and you should be prompted to install it on your phone. And this presumes you're using a self-signed cert. I tried going back through the thread, and I didn't see any details on your environment... On Tue, Jun 15, 2010 at 2:21 PM, Carol Fee <[email protected]<mailto:[email protected]>> wrote: yes CFee From: David W. McSpadden [mailto:[email protected]<mailto:[email protected]>] Sent: Tuesday, June 15, 2010 2:16 PM To: MS-Exchange Admin Issues Subject: RE: IPhone connectivity with Exchange I accept the cert? Is that the same as install? ________________________________ From: Jonathan Link [mailto:[email protected]<mailto:[email protected]>] Sent: Tuesday, June 15, 2010 1:51 PM To: MS-Exchange Admin Issues Subject: Re: IPhone connectivity with Exchange Did you install the cert on the iPhone? I'm not sure exactly what fixed my problem, I know I had installed the cert on my phone, previously, based on information I'd read earlier. The last thing I did do was make sure that oma worked. I may have had a few Exchange updates outstanding that I took care of, too. It was a side project and only benefited me at the time, so I wasn't carefully monitoring my actions. On Tue, Jun 15, 2010 at 1:15 PM, David W. McSpadden <[email protected]<mailto:[email protected]>> wrote: Nope. Exchange relays to Ironport, Ironport relays to Cisco ASA. ________________________________ From: sms adm [mailto:[email protected]<mailto:[email protected]>] Sent: Tuesday, June 15, 2010 1:07 PM To: MS-Exchange Admin Issues Subject: Re: IPhone connectivity with Exchange Are you accessing through ISA? On Tue, Jun 15, 2010 at 12:12 PM, Jonathan Link <[email protected]<mailto:[email protected]>> wrote: http://support.microsoft.com/smarterror/default.aspx?spid=global&query=kb%20817379&errurl=%2fdefault.aspx%2fkb%2f817379%29 You may have better luck with Google Technical Support with unable to browse OMA Activesync. This link came from Bing, Google was down for me. On Tue, Jun 15, 2010 at 12:04 PM, David W. McSpadden <[email protected]<mailto:[email protected]>> wrote: Enabled for all users currently so I must have something else messed up. ________________________________ From: Jonathan Link [mailto:[email protected]<mailto:[email protected]>] Sent: Tuesday, June 15, 2010 12:03 PM To: MS-Exchange Admin Issues Subject: Re: IPhone connectivity with Exchange Or disabled for the user... but I bet that's why you're having trouble. On Tue, Jun 15, 2010 at 11:55 AM, David W. McSpadden <[email protected]<mailto:[email protected]>> wrote: Came up asking for authentication creds. Then failed with a system error. OMA might be jacked? ________________________________ From: Jonathan Link [mailto:[email protected]<mailto:[email protected]>] Sent: Tuesday, June 15, 2010 11:52 AM To: MS-Exchange Admin Issues Subject: Re: IPhone connectivity with Exchange I may have been unclear. I had the same behavior as you when attempting to get my iPhone talking to our Exchange server. I do remember being unable to browse to https://exchangeserver/oma, but I don't recall what I did to fix that problem. have you verified that you can get to /oma? On Tue, Jun 15, 2010 at 11:22 AM, Jonathan Link <[email protected]<mailto:[email protected]>> wrote: Can you browse to https://exchangeserver/oma? If not you may not have everything setup correctly. I had an issue, don't recall how I resolved it though. On Tue, Jun 15, 2010 at 11:18 AM, David W. McSpadden <[email protected]<mailto:[email protected]>> wrote: I can browse. I can even connect to owa with safari. -----Original Message----- From: Ellis, John P. [mailto:[email protected]<mailto:[email protected]>] Sent: Tuesday, June 15, 2010 11:18 AM To: MS-Exchange Admin Issues Subject: RE: IPhone connectivity with Exchange Can you browse the web on the phone? Ive seen odd errors that have been due to the device not having a data connection john -----Original Message----- From: David W. McSpadden [mailto:[email protected]<mailto:[email protected]>] Sent: 15 June 2010 16:13 To: MS-Exchange Admin Issues Subject: RE: IPhone connectivity with Exchange During account setup I am getting account verification failed. -----Original Message----- From: Ellis, John P. [mailto:[email protected]<mailto:[email protected]>] Sent: Tuesday, June 15, 2010 11:06 AM To: MS-Exchange Admin Issues Subject: RE: IPhone connectivity with Exchange Have your tried dropping out the domain bit? Or changing the IP address to a domain name I.e mobile-email.yourco.com<http://mobile-email.yourco.com/>? So it matches the name on the cert John -----Original Message----- From: David McSpadden [mailto:[email protected]<mailto:[email protected]>] Sent: 15 June 2010 15:20 To: MS-Exchange Admin Issues Subject: RE: IPhone connectivity with Exchange <banging head on desk> I can get to my exchange (2003 standard) box via OWA with ssl over the internet using safari on the IPhone. I go the settings, mail, add exchange, put in my smtp mail account, user name, password, domain, Internet IP address for exchange, accept cert when it comes up. Go to mail and try and get mail from the app and get a Cannot Get Mail the connection to the server failed message.... <continue banging head> ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.clearswift.com<http://www.clearswift.com/> ********************************************************************** -- smsadm
