Islanti
01-10-2007, 05:46 PM
Has anyone actually used S/MIME signing for email on their Windows Mobile 5 device and Exchange 2K3 SP2? I recently upgraded to a WM5 AKU3 Smartphone and one of the features I was looking forward to using was the S/MIME signatures and encryption. When I try to send a signed email the device says "The message cannot be signed because you do not have a certificate for sending signed email. Insert a smart card with the certificate."
I have selected the appropriate certificate via Activesync -> Configure Server -> Next -> Next -> (highlight E-mail) -> Settings (from menu) -> Advanced (from menu) -> Choose Certificate (from menu).
I have seen the Jacco de Leeuw page (http://www.jacco2.dds.nl/networking/crtimprt.html), which offers tools for importing a pfx certificate into Windows Mobile. This seems to work although WM5 doesn't provide much detail on the status of a particular certificate (such as thumbprint data or whether the private key is assocated with the certificate).
I also tried the PFX -> OpenSSL PEM method suggested on Jacco's page (under the crtimprt section). This also seems to work fine but no change.
I have a Thawte freemail certificate, which requires an intermediate certificate to be installed. I created the necessary cab file to import this. There's no way I know of to verify this, but importing the root CA the same way seemed to work fine.
I have my Thawte certificate working fine from the desktop. I have published it to the Exchange GAL via Outlook.
I'm stumped as to what else I could possibly do to enable this feature!
I have selected the appropriate certificate via Activesync -> Configure Server -> Next -> Next -> (highlight E-mail) -> Settings (from menu) -> Advanced (from menu) -> Choose Certificate (from menu).
I have seen the Jacco de Leeuw page (http://www.jacco2.dds.nl/networking/crtimprt.html), which offers tools for importing a pfx certificate into Windows Mobile. This seems to work although WM5 doesn't provide much detail on the status of a particular certificate (such as thumbprint data or whether the private key is assocated with the certificate).
I also tried the PFX -> OpenSSL PEM method suggested on Jacco's page (under the crtimprt section). This also seems to work fine but no change.
I have a Thawte freemail certificate, which requires an intermediate certificate to be installed. I created the necessary cab file to import this. There's no way I know of to verify this, but importing the root CA the same way seemed to work fine.
I have my Thawte certificate working fine from the desktop. I have published it to the Exchange GAL via Outlook.
I'm stumped as to what else I could possibly do to enable this feature!