Windows Phone 7 SSL

IMG_1849I have an HTC surround Windows Phone 7 phone I use as my daily driver. I’m a hug fan of my WP7 phone. I’m able to sync mine with 6 ActiveSync accounts; huge for me since I have accounts on so many Exchange servers. I’ve become involved with a consulting / managed services company now that I am not working for Clear anymore, and I had a hell of time making my phone sync with the Exchange server there. Read I could not get it to work and I’ve been too lazy to work out how to fix it.

This morning I made the time to fix it, and after about an hour of messing around I was able to make it work. Below is a run down of my issue and how I fixed it.

Error || The error on the phone was “there is an error with the certificate for the mail.cohesivelogic.net” Error code 80072F0d

 

Solving the issue

Below is an outline of steps I took to work out the issue

  • First I used Outlook on my computer to test AutoDiscover ( Hold down CTRL + rRght click the Outlook Icon on the system tray near the time and select Test AutoDiscover ) – I did this because we have .com email addresses and a .net email server and I wanted to be sure everything was correct
  • After messing with the server settings a bit ( swaping .com and .net ) I got the CERT error
  • Logged into OWA to check the certificate and make sure it had all of the needed SAN names on it – it did
  • So I sat there scratching my head for a bit – then it came to me “ Maybe, Windows Phone 7 does not trust startSSL” – I looked it up http://msdn.microsoft.com/en-us/library/gg521150(VS.92).aspx, and my grabthars hammer startSSL / StartCOM was not listed
  • Now I had 2 issues, how to install a Cert on WP7 and where to find the root CA so I could download it to install it.
  • I found the root CA here – http://www.startssl.com/certs/ – Hint you need the CA.CER file to add the root to the phone.
  • To get the CERT on my phone I downloaded the file to my desktop, Emailed it a working Outlook account on my phone. Then clicked the file on my phone and it allowed me to install the cert. The phone is smart enough to know the file type and know what to do with it.
  • After installing the trusted root CA my none working ActiveSync account started working YEAH! more email to read while driving, I mean more email to read on my phone…..

Moral of the story – WP7 only supports a limited number of certs out of the box. It’s pretty simple to add a new cert and be off and moving if you run into a cert issue.

Related Posts with Thumbnails

About Kevinm