Good day,
We have:
* Existing E2007 Sp3 latest Rollup on SRV2008 (With user certs for ActiveSync(External + Internal)
* Fresh Installed Exchange 2013 CU10 on Server 20012 R2 (Only Test user on other side)
* Enterprise CA on Server 2008 (Ships SHA1 Certs no migrated to SHA256)
* User Cetrificate Authentication for Iphone and Android (No user cert auth W7 client side needed)
Problem:
A 2013 test user is able to do ActiveSync test with EAD Mobilitydojo.net tool (No cert/NO CBA)
Same test user is unable to authenticate with a user cert file and >User based Certificate Authentication (CBA) on E2013< for Activesync
* Second Exchange 2013 complete full Setup no errors for testing same behavior.
* Did rebuild of Acticesync Virtual Directory
In the Exchange Activesync MD test Tool from Mobilitydojo.net we have the cert correct with Filename and Password. H:\migration\exchange_2007_2013\eas\2007_personal.pfx.
* The IPHONE profile and Certificate is put on with USB cable and Apple Enterprise Utility
* if i switch back to the Exchange 2007 with CBA and same method it works. So it's the same IPHONE and i asume then the trust to the Internal CA (Which is the same for 2007/2013) is not the source.
--------------------------------------------- ERROR we see there if it does not work -----
testing HTTP GET:
Response: The remote server returned an error: (403) Forbidden.
Explanation:
The server requires SSL and will not let you connect over HTTP.
(For instance trying to connect over HTTP while IIS requires SSL.)
Status: Further action required
--------------------------------------------- ERROR we see there if it does not work -----
Please help if you can. ;-)