iPhone and connecting to Exchange Server / GoDaddy intermediate certificate help

Discussion in 'iPhone Tips, Help and Troubleshooting' started by nk416, May 8, 2011.

  1. nk416 macrumors newbie

    Joined:
    May 8, 2011
    #1
    Hi all. I have a frustrating issue that I need help with...

    I've been using my iPhone connected to my corporate server for some time. Our company only supports Blackberry, which, unfortunatley makes me feel like I am stuck in 1999.

    Recently our IT department did some "updates" - one of which was replacing the SSL certificate on the exchange server with a GoDaddy certificate. They failed to install the intermediate certificates - at which point my iPhone stopped working. No amount of pleading with our IT department will have them fix this - as they just continually say they don't support iPhones as they "can't control them". (BS I say, as they don't log any info and the only real thing they are interested in is remote wipe, which is available through the outlook webaccess portal when your iPhone is connected).

    That being said, when I run the exchange connectivity test I now get the following error:

    Validating certificate trust for Windows Mobile devices.
    Certificate trust validation failed.
    Additional Details
    There's a missing intermediate certificate in the certificate chain. Subject = SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US. For more information, see Knowledge Base Article 927465.

    Is there any workaround with this issue on the iPhone? I've gone to the godaddy certificate repository here: (https://certs.godaddy.com/anonymous/repository.seam), emailed the intermediate certificate to my iPhone and then installed ... but that doesn't seem to work either.

    Short of having my IT department install the intermediate certificates on the server (which doesn't look like will happen - ughhhhh) ... is there a workaround somehow?

    Many thanks.
     
  2. GoDaddyGuy macrumors newbie

    GoDaddyGuy

    Joined:
    Apr 15, 2009
    #2
    Hello there,

    So couple things that should get you all good to go. You can rekey the certificate and install the intermediate first then the actual certificate. That should solve your issue. Alternatively this information will help resolve the error you are referencing for this issue:

    Our Valiсert rооt certіfiсate іѕ іnstalled on all mobile devices that run Windows Mobile 5.0 AKU 2 or a later incarnation of the operating system. However, devices that run older versions of Windows Mobile 5.0 do not have the root installed.
    To Chеck іf thе Valiсert Rоot iѕ Іnѕtalled on Your Device

    1. Open the Settings menu.
    2. Select System.
    3. Select Certificates.
    4. Verify that the http://www.valicert.com is listed in the root store.
    5. If the roоt iѕ іncluded, уour dеvicе іѕ running Windows Mobile 5 AKU 2 or later. No further action is required.
    6. If the roоt iѕ nоt includеd, follоw the inѕtruсtіons below to import and install it.

    To Inѕtall thе Rоot Cеrtifіcatе оn Υour Windows Mobile 5 Device

    1. Download thе roоt сertifіcаte to уоur РC in DER format with a .cer file extension (i.e., valicert_class2_root.cer"). The root can be downloaded from the repository.
    2. Copу the dоwnlоaded rоot сertifісаte to your device using ActiveSync.
    3. On your mоbilе dеvicе, loсate thе іmрorted file using File Explorer and click on it.
    4. The devіcе wіll disрlaу the follоwіng рrompt: "You are about to install valicert_class2_root.cer certificate issued by http://www.valicert.com/. Do you want to continue?" (If you saved the root under a different name, that file name will show up in the prompt.)
    5. Accеpt thе рrompt tо inѕtall the rооt сertificate on your device.

    ^Colby
     
  3. nk416 thread starter macrumors newbie

    Joined:
    May 8, 2011
    #3
    Colby - thanks for your reply. I installed the valicert_class2_root.cer onto my iPhone (you gave instructions for a WinMo device, BTW) - to no avail.

    I'm assuming unless my IT admin installs the intermediate certificate I am right out of luck?
     

Share This Page