Topic: zarafa - z-push - wm6.1

[SchulzStefan]

Hello all,

is anybody out there running an SME 7.5.1 (up-to-date) with zarafa, z-push and a WM6.1 ota (over-the-air) sync? Would be nice to hear, that it's possible (and if so, how it's possible) to set up.

thx in advance,
stefan

[crazybob]

I have  server running zarafa and z-push, but we are using android with touchdown. The only issues I had was with webaccess. I had to back off php5 to php5.2, and add change some of the mapi files. Check this link for the mapi stuff http://forums.contribs.org/index.php/topic,47101.msg233658.html#msg233658

Bob

[axessit]

I have a server with Zarafa 6,40,0,20419, SME7.4 and have just configured the Z-push as per
http://wiki.contribs.org/Zarafa#Mobile_synchronisation. Worked striaght out of the box for Nokia symbian with MS Exchange client app and iPhone4. No issues with webaccess.

[SchulzStefan]

thx everybody for the hints.

I'm still stuck with my WM6.1 and the question, how to manage the request of activesync depending on a self-issued-certificate. I used PHPki for generating certificates. No chance so far. I get always the MS support code 0x80072F17. Well, does anybody know how to set up a self-signed-certificate with PHPki that is known to work with activsync?

Thank's for any reply.
stefan

[crazybob]

I found this doing a quick google http://timjacobs.blogspot.com/2008/08/wm6-and-self-signed-certificates.html

[SchulzStefan]

I'd seen this already. There are a lot of more hacks in xda-developers... But that's not the problem. I am able to install a self-signed certificate on my HTC 8220. My intention is *NOT* to disable or manipulate the auth-function for activesync in my mobile. I would just like to have a self-signed-cert on my mobile, that does work. That's all... Hmm, seems difficult.

[SchulzStefan]

I think, I got the solution.

Thanks to this How-To http://wiki.contribs.org/Certificates_signed_by_own_CA, that pointed me in the direction I was looking for.

Here's the situation: Winmobile 6.1 (maybe also later versions) requires for activesync a trusted certificate. I have no fix IP for my company server, my webpage is hosted by an ISP. For emails, contacts, calendar and tasks I use zarafa 7.0.1-28479 with z-push 1.5.5-790. It's easy to get access to the server from outside with a DynDns account. It's much more harder to get this stuff synced on a mobile phone running winmobile 6.1 OS. Here are the steps, that worked for me:

1. Follow the How-To exactly.

2. By editing the openssl.cnf, you have to put the correct values in:

# START EDITING HERE ------------------------------------------------------------
# Default values for the above
0.organizationName_default              = XYZ Corporation
organizationalUnitName_default          = IT Department
localityName_default                    = My City
stateOrProvinceName_default             = My State
countryName_default                     = DE
commonName_default                      = YOUR_NAME.dyndns.org Root CA
emailAddress_default                    = support@YOUR_NAME.dyndns.org
# STOP EDITING HERE ------------------------------------------------------------

3.

./make_root_cert.sh YOUR_NAME.dyndns.org

4.

./make_cert_request.sh FQHN

Common Name (hostname, IP, or your name) [FQHN]:YOUR_NAME.dyndns.org  <--- You have to overwrite the default

5.

./make_cert.sh FQHN YOUR_NAME.dyndns.org

6. Follow the How-To

7. convert the ca for your mobile

openssl x509 -in YOUR_NAME.dyndns.org_ca_cert.crt -inform PEM -out YOUR_NAME.dyndns.org_ca_cert.cer -outform DER

8. Transfer the converted cert on your mobile and install it.

9. Configure your mobile for activesync. Use as email-adress any zarafa-user@YOUR_NAME.dyndns.org. Use as server-adress YOUR_NAME.dyndns.org. Enter user and password. Use as domain the main domain of your server.

10. Check with tail -f /var/log/httpd/access_log if the device connects to z-push.

It worked for me, maybe it'll help some other people.

stefan