Blackberry / OCS CWA 2007
I’m trying to configure Blackberry to work with OCS CWA 2007 without positive result.
Blackberry Collaboration services Settings (Connection):
OCS CWA 2007 Settings:
On the RIM Server I can see following error in the log-file:
“Cannot contact CWA server at _https://cwa.domain.net:443/forms/logon.html version of CWA cannot be determined due to IOException trying to contact host: java.io.IOException: Duplicate extensions not allowed>”
What version and service pack is the BES?
We got that error until we enabled FBA and Windows Auth. After that, it worked. If we had either of those selected without the other, it didn't work.
I activated Forms Authentication. Still the same Problem.
On the “old” (2005) CWA you have to enable ajax (h t t p : / / w w w .microsoft.com/technet/prodtechnol/office/livecomm/library/cwa/planningdeployment/cwapdp_4.mspx).
Is it also necessary on the new CWA (2007)?
The ajax.dll on the CWA 2007-Server is no more available!
Wirelessly posted (Breaking Ball)
No, it's not necessary with OCS 2007.
I have the solution!
The BES cannot build a secure connection (HTTPS) if the configured name for the connection with the CWA Server is not defined as “Subject” on the certificate. If you have multiple “names” on the certificate, the CWA Server (that is configured on the BES for the connection) must be defined as “Subject” in the certificate and not as ”Subject Alternative Name”!
What cert should we be looking for? We see 3 certs and have checked all 3..
We're getting this same issue.
Also, in that "Forms" folder, there is no logon.html file.. The folder is actually blank. Is it supposed to be?
1. Public Key Length 1024 Bits (not 2048)
2. No Subject Alternative Name
3. Enhanced Key Usage (also Client Authentication)
4. No intermediate signing authority.
It is not completely clear what solved the problem, but the order of liklihood is 2, 4, 1, 3.
The Forms folder is empty that is right.
if the configured name for the connection with the CWA Server is not defined as xxx8220;Subjectxxx8221; on the certificate. If you have multiple xxx8220;namesxxx8221; on the certificate, the CWA Server (that is configured on the BES for the connection) must be defined as xxx8220;Subjectxxx8221; in the certificate and not as xxx8221;Subject Alternative Namexxx8221;!
Where do I go to find this?
Open the Certificate Properties > Detail Tab:
Subject and Subject Alternative Name
Is this on the BES or on the OCS server?
Still not working. I have don what you have said, but device won't connect. Any other suggestions.
This is what its showing in the logs now.
Cannot contact CWA server at; version of CWA cannot be determined due to IOException trying to contact host: Remote host closed connection during handshake
2009-02-18 10:05:56.953 EST:99, CWA server version could not be identified.
|All times are GMT -5. The time now is 10:53 AM.|
Powered by vBulletin® Version 3.6.12
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.