
I'm currently trying to get Activesync to work with a Windows Mobile device and an iPhone 3GS.
My initial try to get this working failed due to problems installing the unsigned certificate on the windows mobile device, not really sure
- if I didn't correctly install the certificate on the device
- or if it's a problem that in addition to being unsigned its the default certificate still issued for localhost.localdomain (shame on me, didn't really care so far)
Anyway, I'd like to get rid of the unsigned certificates anyway, so i'm almost ready to order a real certificate now, BUT:
During the Activesync installation, I was kinda forced into setting activesync.thecompany.de as hostname
(activesync server is not a seperate machine), while the normal hostname is of course scalix.thecompany.de.
If I buy a certificate for scalix.thecompany.de now, it will be great for webmail and SAC, but it will not be the valid host for my phone and windows mobile will probably continue to bitch about this! Vice versia, if I buy it for activesync.thecompany.de it won't be valid for webmail and SAC!
Now if activesync.thecompany.de and scalix.thecompany.de were seperate machines on different public IPs I could just buy two certificates which would probably work (except from costing twice as much). But since scalix.thecompany.de and activesync.thecompany.de are the same machines, and webmail and activesync seem to be BOTH connecing on HTTPS port 443 I CANNOT use two certficates on the same machine and port, can I !?!
Alternatively, I could buy a wildcard certificate which is valid for *.thecompany.de, but those are EXTREMELY expensive (way more than two seperate certs) and I really want to avoid this.
It would be nice if someone could clarify how this is supposed to work in a single-server-setup with SSL certificates:
- Can I change activesync.thecompany.de back to scalix.thecompany.de ? Is it really needed to have two different host names in a single-server setup ? The installation led me to believe this, but I'm wondering.
- Can I let the phones connect to scalix.thecompany.de even if the AS server thinks he is activesync.thecompany.de and just install SSL certificates for apache that are avalid for scalix.thecompany.de ?
Thanks in advance!