Certificate Questions

ExecTech24

New Member
Joined
Aug 25, 2010
Messages
7
Reaction score
0
Hello all, I'm testing some droid phones with exchange. I have gotten the PFX cert from our engineers, and then converted that to P12 format. I installed it from the SD Card and it said installed successfully.

However, when I enter all the information for our exchange servers I am returned a message

"The certificate from the server is not validated,. Do you want to disable verifying certificates for this account? (Not Recommended)

1) Is this message saying that it doesn't recognize the certificate that it's reaching on our exchange server?

2) If I choose disable verification, and I allow the account to be setup that way, am I running any security risks? I don't even need to install the certificate if I choose "disable verification"

3) I've found other posts concerning the original Droid that advise to toggle a setting that says, "Allow all certificates" I don't see that in Droid2, does it exist?

4) Is there an alternate way of setting up exchange on the Droid 2?

Thanks in advance.
 
Do you know if your certificate is self signed by your server? Or did your company buy it from an authorized certificate authority?

You can check the certificate and see who it says signed it. (Issued by)

If this is a self signed certificate, meaning the certificate says that it was issued by your servername, then this is probably why you are getting this warning. It should be safe to disable verification of this certificate in this case.
 
Do you know if your certificate is self signed by your server? Or did your company buy it from an authorized certificate authority?

You can check the certificate and see who it says signed it. (Issued by)

If this is a self signed certificate, meaning the certificate says that it was issued by your servername, then this is probably why you are getting this warning. It should be safe to disable verification of this certificate in this case.

When I access our OWA page from the Droid2, it allows me to view the cert and says it's issued by GoDaddy.

Thoughts now?
 
Actually downloaded Touchdown from the marketplace and had zero problems. Worked. I think I'm good to go...

From what it seems, it reached out to our exchange server and accepted the cert ...
 
When I access our OWA page from the Droid2, it allows me to view the cert and says it's issued by GoDaddy.

Thoughts now?

Sounds like an issue with the certificate then, or with the email program. But since it worked fine with Touchdown, must be an issue with the email client? It is supposed to check with the certificate authority to verify, GoDaddy/Starfield in this case.
 
When I access our OWA page from the Droid2, it allows me to view the cert and says it's issued by GoDaddy.

Thoughts now?

Sounds like an issue with the certificate then, or with the email program. But since it worked fine with Touchdown, must be an issue with the email client? It is supposed to check with the certificate authority to verify, GoDaddy/Starfield in this case.

Using Droid's corpsync app - if I choose "disable cert verification" (not recommended) --when prompted, the account it loaded fine.

The problem with touchdown is that everything is stored within Touchdown itself. I know my execs will have a problem with not seeing emails or notificiations as soon as they look at their phone. Ugh.
 
Using Droid's corpsync app - if I choose "disable cert verification" (not recommended) --when prompted, the account it loaded fine.

The problem with touchdown is that everything is stored within Touchdown itself. I know my execs will have a problem with not seeing emails or notificiations as soon as they look at their phone. Ugh.

So is the account working properly now that it is loaded? No need for Touchdown then?
 
Using Droid's corpsync app - if I choose "disable cert verification" (not recommended) --when prompted, the account it loaded fine.

The problem with touchdown is that everything is stored within Touchdown itself. I know my execs will have a problem with not seeing emails or notificiations as soon as they look at their phone. Ugh.

So is the account working properly now that it is loaded? No need for Touchdown then?

Yup, it is loaded. I just wanted some clarity on the message that I was seeing that I bypassed in order to get the account on the phone. By "disabling certificate verification" am I still secure?

I interpreted that message as, "There's a certificate that I'm getting but the droid doesnt recognize it".

Is that the case? If so, then we're good because I know where the cert is coming from -- my company. lol
 
Last edited:
Yeah you should be good. That message does indeed mean it could not verify the certificate, but it is still using the certificate and running secure.
 
Back
Top