I can't get my new ppc6700 to sync with my server. The error code seems to indicate that I need to install some certificates on my phone. Which certificates exactly do I need and how do I get them? Any help would be greatly appreciated!

Specifically, here is the error message I get when I try to use activesync:

80072F17 Unspported Digital Certificate installed. If you installed a digital certificate that supports wildcards from a certifying digital certificate provider, this certificate will install however using the certificate is not supported. Replace the digital certificate with one that does not use wildcards and is listed in the root certificate store on the device. Contact your network administrator for assistance.

Excuse me for being brief but this is what I do...

At the exchange server:
Start-->Run-->type "MMC"
File-->Add/Remove Snapin
Add-->"Certificates"--->select "Computer Account" and click NEXT
Select "Local Computer" and "Finish", "Close", "OK"
Under "certificates local computer" go to "Personal\Certificates" folder
Select the certificate to your domain
Right Click, all tasks, export
Next, No, Next, DER Encoded binary, Next
Hit browse so you know where the cert is being exported to and Type in a filename to identify the certificate such as your domain
Save, Next, Finish

Locate the place where you saved the certificate and copy it to your ppc6700
Browse on you ppc6700 to locate the cert file and double click and install.

Jerz

Awesome help. Thank you! I performed all of those tasks successfully, but I still get the same error message. I looked at certificates under settings on my PPC 6700 and the certificate is there. Do I need a "personal certificate too"?

No the certificate should show up under the root tab under "Certificates" on your ppc. For example mine shows up as being issued by mydomain.dyndns.org (this is the internet name of the server) which with a small business server is set up when you run the CEICW wizard (Configure Email and Internet Connection Wizard).

Thanks again for your help. It seems that I have the certificate set up properly, but I still get the error code that states that it is wrong. If you read the error message above, perhaps it is one of the other certificates that is messing things up? Here are the certificates that show up under root:

Thawte Server CA
Thawte Premium Serv..
Secure Server Certific...
hhtp://www.valicert.c...
GTE CyberTrust Root
GTE CyberTrust Global...
GlobalSign Root CA
Equifax Secure Cert...
Entrust.net Certific...
Class 3 Public Primary...
Class 2 Public Primary...

Since the phone is brand new these must have come pre-installed. Do you think one of these could be conflicting with the settings on my server? Can I just turn off the certificate checking at least to get synced to narrow the problem down?

Again, thanks for the help!

Where is your domain certificate? Mine is listed just before Thawte Server CA.

I have all of those certificates preloaded in mine as well so I don't think those existing certificates are causing the problem.

With windows mobile 5 you cannot turn off cert checking; with earlier versions you can so turning off certcheck is not an option.

Is the certificate for your mail server listed?

Yes, mine is listed just above Thawte as well. Thanks again for your assistance. Any other thoughts on what could be the problem would be appreciated. I can't even sync with the server while in the cradle. I thought I would try that first before going wireless.

I think there's something up with your certificate. Is the cert for that particular exchange server? Are you using small business server 2003? If you are then run the CEICW (Configure Email and Internet Connection Wizard) again and double check the entry for the internet name of the server. It should match the internet name of the server.

Jerz

I know this may not be information you want to give in a public forum, but if you can tell me what the URL is to your server I can tell you quite a bit of information specific to your circumstances.... without that, I could try to take a few stabs in the dark, but I might miss. If you'd feel more comfortable, you can PM me.

I am not sure if this was resolved, or not as it may have been done by PM fromthis point rather than in open forum.

I just hard resetted and installed a 3.5 ROM and got a similar 80072f17 error when trying to sync my contacts on my exchange server. I followed the instruction above to export and import my certificate but that did not solve the problem.

What solved it was deleting my partnership and restablishing a new one but unchecking the box for a secure, encrypted connection between my 6700 and the exchange server. I am not sure how much risk this adds. I only did it one time over USB so I could install a selected smaller number of contacts. Then I rechecked the SSL box and told ActiveSync to no longer sync contacts. I only sync a few selected contacts because if I sync my entire 5000 contacts I then do not have a storage space available in main memory as it uses about 14 MB.

I exported my 5000 contacts to a CSV file, converted to Excel and keep an Excel spreadsheet on my storage card for the infrequently needed contacts. I sure wish someone would figure out how to move the pim.vol file to the storage card.