1

All other methods of Activesync and web access to my Exchange server are working fine with no errors or issues, but when we attempt to configure Android phones for the server, it will only work with 'verify certificate' checked off.

Ideally, I'd like my users to be able to use the default configuration, which includes the 'Verify Certificate' option.

My primary question is: 'What does Verify Certificate do?', as I imagine if I knew that, I might have some idea why it isn't working.

Yannone
  • 347
  • 3
  • 9
  • Oh, if you want to check out the certificate, it's the certificate currently in use for 'mail.themountain.com'. – Yannone Feb 28 '11 at 17:07

2 Answers2

1

Verify Certificate will require all certificates in the chain to be valid--trusted, within the date range, etc. It might be your OWA certificate, or an intermediate one neither present on the server nor device--see http://support.microsoft.com/kb/927465

NaN
  • 11
  • 1
1

Some versions of Android do not trust certificates from some of the GeoTrust CA's.

https://code.google.com/p/android/issues/detail?id=10807

https://code.google.com/p/android/issues/detail?id=10985

Greg Askew
  • 35,880
  • 5
  • 54
  • 82
  • This is the exact problem! I think I may just get an ssl cert from a reseller that doesn't use the GeoTrust root. Thanks! – Yannone Mar 22 '11 at 15:40