Page 46 of 158 « First 364445 46 474856 Last »
Reply
Thread Tools
terminal3 is offline terminal3
2009-12-14 , 00:27
Posts: 31 | Thanked: 41 times | Joined on Dec 2009 @ United States
#451
I was also recieving the "Exchange server requires secure connection or account is disabled" error. I had exported the certificate chain of our private CAs and imported them to the device with no change, either over WiFi or GPRS.

After finding the following bug report, I fixed it after seeing that what Labra had suggested was the case. (comment 17)

https://bugs.maemo.org/show_bug.cgi?id=6467#c17

The user-imported certificates are being imported 'into /home/user/.maemosec-certs/ssl-ca', and MfE only seems to look at certificates in '/home/user/.activesync/certs'. Copying the imported private CA cert files allowed me to sync.

edit: oops, saw that Labra posted this earlier in the thread. Good work
Last edited by terminal3; 2009-12-14 at 01:11.
 

The Following User Says Thank You to terminal3 For This Useful Post:
Guber99 is offline Guber99
2009-12-14 , 01:24
Banned | Posts: 291 | Thanked: 60 times | Joined on Dec 2009
#452
Vitaly, Yes it is exchange 2007. Here is the web based page of my exchange server:
https://mail.upmc.edu/owa/auth/logon...ote%26a%3dSend,

I believe it is SP1, but not absolutely sure. Again, why does it sync with E71 and E51 but not with Nokia N900?????
 
terminal3 is offline terminal3
2009-12-14 , 01:48
Posts: 31 | Thanked: 41 times | Joined on Dec 2009 @ United States
#453
Originally Posted by Guber99 View Post
Vitaly, Yes it is exchange 2007. Here is the web based page of my exchange server:
https://mail.upmc.edu/owa/auth/logon...ote%26a%3dSend,

I believe it is SP1, but not absolutely sure. Again, why does it sync with E71 and E51 but not with Nokia N900?????
As a note, OWA and Exchange ActiveSync can use different certificates.

Most organizations would use a certificate from a publicly trusted CA so that clients can use OWA from any computer without certificate trust issues.

If a private or self-signed certificate is used for the Microsoft-Server-ActiveSync virtual directory on the Exchange server in IIS, the sync would fail due to the bug Labra identified.
 

The Following User Says Thank You to terminal3 For This Useful Post:
labra is offline labra
2009-12-14 , 07:16
Posts: 42 | Thanked: 27 times | Joined on Dec 2009 @ Espoo, Finland
#454
Originally Posted by terminal3 View Post
I was also recieving the "Exchange server requires secure connection or account is disabled" error. I had exported the certificate chain of our private CAs and imported them to the device with no change, either over WiFi or GPRS.

After finding the following bug report, I fixed it after seeing that what Labra had suggested was the case. (comment 17)

https://bugs.maemo.org/show_bug.cgi?id=6467#c17

The user-imported certificates are being imported 'into /home/user/.maemosec-certs/ssl-ca', and MfE only seems to look at certificates in '/home/user/.activesync/certs'. Copying the imported private CA cert files allowed me to sync.
Nice to hear that my trick did the job!
 

The Following User Says Thank You to labra For This Useful Post:
vitaly_repin's Avatar
vitaly_repin is offline vitaly_repin
2009-12-14 , 08:45
Posts: 320 | Thanked: 763 times | Joined on Oct 2009 @ Espoo, FInland
#455
Originally Posted by labra View Post
What is the proper int parameter to gconftool-2 to disable logging again?

These parameters shall be removed from gconf. Use the commands like this:

gconftool-2 -u /apps/activesync/AsDaemon/Syslog/MinLogLevel

After device reboot the logs will not be collected.
 

The Following 2 Users Say Thank You to vitaly_repin For This Useful Post:
vitaly_repin's Avatar
vitaly_repin is offline vitaly_repin
2009-12-14 , 08:48
Posts: 320 | Thanked: 763 times | Joined on Oct 2009 @ Espoo, FInland
#456
Originally Posted by Azimalicous View Post
On my N900, i can only go to the OWA site's IP address, which makes me think its a DNS issue?
Open terminal (xterm) and try to ping your server by name, Will it resolve the DNS name to IP address?

You can try to ping google.com at first to be sure that DNS works at least for google :-)

The proper tool to use is "dig" but I don't know where to get it for maemo externally.
 

The Following User Says Thank You to vitaly_repin For This Useful Post:
vitaly_repin's Avatar
vitaly_repin is offline vitaly_repin
2009-12-14 , 08:51
Posts: 320 | Thanked: 763 times | Joined on Oct 2009 @ Espoo, FInland
#457
Originally Posted by Guber99 View Post
I believe it is SP1, but not absolutely sure. Again, why does it sync with E71 and E51 but not with Nokia N900?????
Because the protocol stacks for N900 and E71/E51 are different.

Would be very good if you can share the logs...
 

The Following 2 Users Say Thank You to vitaly_repin For This Useful Post:
labra is offline labra
2009-12-14 , 08:54
Posts: 42 | Thanked: 27 times | Joined on Dec 2009 @ Espoo, Finland
#458
Originally Posted by terminal3 View Post
I was also recieving the "Exchange server requires secure connection or account is disabled" error. I had exported the certificate chain of our private CAs and imported them to the device with no change, either over WiFi or GPRS.

After finding the following bug report, I fixed it after seeing that what Labra had suggested was the case. (comment 17)

https://bugs.maemo.org/show_bug.cgi?id=6467#c17

The user-imported certificates are being imported 'into /home/user/.maemosec-certs/ssl-ca', and MfE only seems to look at certificates in '/home/user/.activesync/certs'. Copying the imported private CA cert files allowed me to sync.

edit: oops, saw that Labra posted this earlier in the thread. Good work
vitaly_repin: is this a known bug and will this be fixed?
 
vitaly_repin's Avatar
vitaly_repin is offline vitaly_repin
2009-12-14 , 08:56
Posts: 320 | Thanked: 763 times | Joined on Oct 2009 @ Espoo, FInland
#459
Originally Posted by labra View Post
Hi!

Now I managed to solve this. I added the cert to the certificate store. By going though the /home/user/ directory I found out that these certificates are put to /home/user/.maemosec-certs/ssl-ca/ -directory. The /home/user/.activesync/certs/ -directory does not have any symlinks to there. I manually symlinked the imported certificate from the .maemosec-certs/ssl-ca/ -directory to the activesync's directory, and it works!
Confirming the bug. Completely forgot that this crap is included into the sales box distribution. Sorry for not informing you, guys, here. Will include the link to this post in the very first post of this thread.

After sw. update, this bug will not happen anymore and no additional steps (symbolic linking) will be needed to import certificate.
 

The Following 6 Users Say Thank You to vitaly_repin For This Useful Post:
vitaly_repin's Avatar
vitaly_repin is offline vitaly_repin
2009-12-14 , 09:21
Posts: 320 | Thanked: 763 times | Joined on Oct 2009 @ Espoo, FInland
#460
Originally Posted by frals View Post
Trying to sync with exchange 2007; fails: http://irc.frals.se/syslog (edited out my email+value of the passfield)

non-prov devices are allowed, cert should be installed correctly, no autodiscover configured (isnt a req right?). happy to supply more info if needed
12.1 protocol (Exchange update is needed). Or wait for N900 MfE client update. I am really sorry about this bug.

The keywords to detect it:

MS-ASProtocolVersions: 1.0,2.0,2.1,2.5,12.0
AS-LIB: Created factory for version 2.5

After client update (w/o server update) you will see:

MS-ASProtocolVersions: 1.0,2.0,2.1,2.5,12.0
AS-LIB: Created factory for version 12.0

After Exchange update you will see:

MS-ASProtocolVersions: 1.0,2.0,2.1,2.5,12.0,12.1
AS-LIB: Created factory for version 12.1
 

The Following 3 Users Say Thank You to vitaly_repin For This Useful Post:
Reply
Page 46 of 158 « First 364445 46 474856 Last »

Tags
activesync, certificate, email, exchange, fremantle, ignore tex14, maemo 5, mail for exchange, mfe, n900, provisioning, sync, thanks vitaly!

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 10:13.

Contact Us - Home - Archive - Top