Certificate Questions

E

ExecTech24

New Member
Joined
Aug 25, 2010
Messages
7
Reaction score
0
Hello all, I'm testing some droid phones with exchange. I have gotten the PFX cert from our engineers, and then converted that to P12 format. I installed it from the SD Card and it said installed successfully.

However, when I enter all the information for our exchange servers I am returned a message

"The certificate from the server is not validated,. Do you want to disable verifying certificates for this account? (Not Recommended)

1) Is this message saying that it doesn't recognize the certificate that it's reaching on our exchange server?

2) If I choose disable verification, and I allow the account to be setup that way, am I running any security risks? I don't even need to install the certificate if I choose "disable verification"

3) I've found other posts concerning the original Droid that advise to toggle a setting that says, "Allow all certificates" I don't see that in Droid2, does it exist?

4) Is there an alternate way of setting up exchange on the Droid 2?

Thanks in advance.
 
C

Catrinisin

New Member
Joined
Aug 24, 2010
Messages
10
Reaction score
0
Do you know if your certificate is self signed by your server? Or did your company buy it from an authorized certificate authority?

You can check the certificate and see who it says signed it. (Issued by)

If this is a self signed certificate, meaning the certificate says that it was issued by your servername, then this is probably why you are getting this warning. It should be safe to disable verification of this certificate in this case.
 
OP
E

ExecTech24

New Member
Joined
Aug 25, 2010
Messages
7
Reaction score
0
Catrinisin said:
Do you know if your certificate is self signed by your server? Or did your company buy it from an authorized certificate authority?

You can check the certificate and see who it says signed it. (Issued by)

If this is a self signed certificate, meaning the certificate says that it was issued by your servername, then this is probably why you are getting this warning. It should be safe to disable verification of this certificate in this case.
Click to expand...

When I access our OWA page from the Droid2, it allows me to view the cert and says it's issued by GoDaddy.

Thoughts now?
 
OP
E

ExecTech24

New Member
Joined
Aug 25, 2010
Messages
7
Reaction score
0
Actually downloaded Touchdown from the marketplace and had zero problems. Worked. I think I'm good to go...

From what it seems, it reached out to our exchange server and accepted the cert ...
 
C

Catrinisin

New Member
Joined
Aug 24, 2010
Messages
10
Reaction score
0
ExecTech24 said:
When I access our OWA page from the Droid2, it allows me to view the cert and says it's issued by GoDaddy.

Thoughts now?
Click to expand...

Sounds like an issue with the certificate then, or with the email program. But since it worked fine with Touchdown, must be an issue with the email client? It is supposed to check with the certificate authority to verify, GoDaddy/Starfield in this case.
 
OP
E

ExecTech24

New Member
Joined
Aug 25, 2010
Messages
7
Reaction score
0
Catrinisin said:
ExecTech24 said:
When I access our OWA page from the Droid2, it allows me to view the cert and says it's issued by GoDaddy.

Thoughts now?
Click to expand...

Sounds like an issue with the certificate then, or with the email program. But since it worked fine with Touchdown, must be an issue with the email client? It is supposed to check with the certificate authority to verify, GoDaddy/Starfield in this case.
Click to expand...

Using Droid's corpsync app - if I choose "disable cert verification" (not recommended) --when prompted, the account it loaded fine.

The problem with touchdown is that everything is stored within Touchdown itself. I know my execs will have a problem with not seeing emails or notificiations as soon as they look at their phone. Ugh.
 
C

Catrinisin

New Member
Joined
Aug 24, 2010
Messages
10
Reaction score
0
ExecTech24 said:
Using Droid's corpsync app - if I choose "disable cert verification" (not recommended) --when prompted, the account it loaded fine.

The problem with touchdown is that everything is stored within Touchdown itself. I know my execs will have a problem with not seeing emails or notificiations as soon as they look at their phone. Ugh.
Click to expand...

So is the account working properly now that it is loaded? No need for Touchdown then?
 
OP
E

ExecTech24

New Member
Joined
Aug 25, 2010
Messages
7
Reaction score
0
Catrinisin said:
ExecTech24 said:
Using Droid's corpsync app - if I choose "disable cert verification" (not recommended) --when prompted, the account it loaded fine.

The problem with touchdown is that everything is stored within Touchdown itself. I know my execs will have a problem with not seeing emails or notificiations as soon as they look at their phone. Ugh.
Click to expand...

So is the account working properly now that it is loaded? No need for Touchdown then?
Click to expand...

Yup, it is loaded. I just wanted some clarity on the message that I was seeing that I bypassed in order to get the account on the phone. By "disabling certificate verification" am I still secure?

I interpreted that message as, "There's a certificate that I'm getting but the droid doesnt recognize it".

Is that the case? If so, then we're good because I know where the cert is coming from -- my company. lol
 
Last edited:
C

Catrinisin

New Member
Joined
Aug 24, 2010
Messages
10
Reaction score
0
Yeah you should be good. That message does indeed mean it could not verify the certificate, but it is still using the certificate and running secure.
 
You must log in or register to reply here.

Most reactions - Past 7 days

Similar threads

C
Droid with Exchange 2007
Replies
0
Views
2K
cherokee
C
O
connect to corporate wifi that requires CA certificate?
Replies
3
Views
31K
kadaro
K
H
Wifi Certificate issues
Replies
0
Views
4K
Heritech
H
A
Active Sync Cert and encryption question
Replies
0
Views
2K
ADBDroid
A
C
Security Certificate issue
Replies
2
Views
9K
crysk
C
Top