?

Log in

No account? Create an account

Previous Entry | Next Entry

If you do not have a SSL certificate, EAS won't work. It won't say "you can't use http as a protocol you have to use https" or anything sensible like that - so i beat my head on the wall alot about this, and ended up having to use ethereal to verify what's happening. So here's what you do.

First, create a certificate signing request for the IIS server - if you don't know how to do this, google is your friend. MAKE SURE THE COMMON NAME ON THE CERT IS A PUBLIC DNS NAME YOU CAN HIT WITH THE PRE!

Take the CSR, and either sign it with your own key, pay for a real certificate, or use CACert like I did.

If you paid for the certificate, take your new certificate to IIS, and be done with it. Good for you.

If you're cheap like me, and used CACert or your own OpenSSL CA, here's what you do, it's non obvious.

Set up a POP or imap account on your phone, and email yourself the CA certificates as .crt files.

Once this is done, open the .crt files on your pre (YOU CANNOT DO THIS VIA THE WEB BROWSER IT WILL NOT WORK) - open the .crt files by clicking once to download, then clicking again once the progress bar is full. You'll go to the certificate manager.

Click trust certificate, and make sure you can hit the EAS server with https in a web browser. If you can, now try it on the Pre, it should work.

\o/

Comments

( 8 comments — Leave a comment )
santiagon
Jun. 6th, 2009 05:04 pm (UTC)
With which version of Exchange did you test this?
noweb4u
Jun. 6th, 2009 05:12 pm (UTC)
2003 sp 2
wesmills
Jun. 6th, 2009 07:24 pm (UTC)
The Pre's EAS implementation is rather poor to say the least. (Even HTC got it right on Android, so really now...) From what I have been told, it does not support http-only, as you already know, and it lacks PIN/device policy support. The latter means that most enterprises won't adopt it because they have mandatory PIN lock and device wipe policies that must be accepted before mail can be transferred. Hopefully Palm comes out with an update soon.
noweb4u
Jun. 7th, 2009 02:26 am (UTC)
Beats the hell out of the iPhone's EAS support in gen 1. :)

They got it right big time on unifying contacts and the UI stuff. And we have copy/paste, a real keyboard, MULTITASKING!

I like it despite the rough edges, and you can update it OTA so i'm sure they'll work it out over time.

Also like the other treos you don't need a computer to take full advantage, unlike how the iphone is basically neutered without itunes.
itszer0
Jun. 7th, 2009 03:32 pm (UTC)
I had a lot of these same problems with the 755p.
This was much easier on the 800w and Pro. Worked like a charm.
noweb4u
Jun. 7th, 2009 07:16 pm (UTC)
I am absolutely SHOCKED that a Microsoft operating system would work with other Microsoft shit better than other software. Shocked, I say.
itszer0
Jun. 8th, 2009 04:37 am (UTC)
Well, the HTC I had was about the same as the Palm at first. Had to cook a firmware to allow it to connect to a exchange server with self-signed cert.
noweb4u
Jun. 8th, 2009 05:02 am (UTC)
all you have to do on the palm is to email yourself the CA certificate and mark it as trusted, which is convoluted but sounds easier than cooking firmware at least.
( 8 comments — Leave a comment )