Jan 26, 2010

Get a Motorola Q to Sync With Exchange 2007 Using a GoDaddy SSL Certificate.

I recently performed a migration of my parent company’s Exchange server from 2003 to 2007. The process was fairly smooth with the exception of certain mobile devices. For any device using ActiveSync we had to walk our users through updating the server settings, and everything was kosher. Well, that is except user using the original Motorola Q.

You see, the problem was although we were using an ECC SSL Certificate, the certificate was from GoDaddy. So what’s the problem? The problem is that when the God forsaken Motorola Q was made, GoDaddy wasn’t a trusted root authority. So although every other ActiveSync, iPhone, Blackberry using BIS, etc was working fine, this outdate piece of crap kept spitting out the following error when trying to sync:

The security certificate on the server is invalid. Contact your system administrator or ISP to install a valid certificate on the server and try again.
Support Code: 0x80072F0D

I Googled the above error, and I found a forum saying I needed to manually install GoDaddy’s root certificate on the device. However when I did I received the following error:

Security permission was insufficient to update your device

So what I had to do was to perform a little registry hack on the Motorola Q. To Install the GoDaddy root certificate on the Motorola Q do the following:

  1. Download a Windows Mobile registry editor called regeditSTGMotorola Q
  2. Copy regeditSTG over to the mobile device.
  3. Using the File Explorer on the device, locate regeditSTG and open it
  4. Browse to HKLM\Security\Policies\Policies\
  5. Select Values
  6. Click on 00001001 and change the value from 2 to 1
  7. Click on 00001005 and change the value from 16 to 40
  8. Click on 00001017 and change the value from 128 to 144
  9. Close out of regeditSTG
  10. Download the DER version of GoDaddy’s root certificate from here: (GoDaddy Repository)
  11. Copy the gd-class2-root.cer file to your Motorola Q
  12. Using the File Explorer, double click on the file and accept the prompt to install the certificate on your device.

Once the GoDaddy root certificate is installed, your ActiveSync should begin working again normally. Please note that this probably will not work if you are attempting to use a wildcard cert for Exchange 2007. Windows Mobile 5 does not recognize wildcard SSL certificates (LAME!)

Know of any other hacks to get Exchange 2007, SSL, ETC working with Windows Mobile 5 and/or the Motorola Q? Let us know in the comments.

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam