BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 09-01-2008, 08:06 AM   #1 (permalink)
New Member
 
demar's Avatar
 
Join Date: Sep 2008
Model: none
PIN: N/A
Carrier: swisscom.com
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Blackberry / OCS CWA 2007

Please Login to Remove!

Hi,
I’m trying to configure Blackberry to work with OCS CWA 2007 without positive result.
Blackberry Collaboration services Settings (Connection):
  • Host = cwa.domain.net
  • Port = 443
  • Transport protocol = HTTPS
When I try to connect from the RIM Server to the OCS CWA 2007 Server (internet Explorer) all work fine.

OCS CWA 2007 Settings:
  • Virtual Server Type = Internal
  • Authentication = Windows Authentication

On the RIM Server I can see following error in the log-file:
“Cannot contact CWA server at _https://cwa.domain.net:443/forms/logon.html version of CWA cannot be determined due to IOException trying to contact host: java.io.IOException: Duplicate extensions not allowed>”

Thank you
Regards
demar
Offline  
Old 09-01-2008, 01:14 PM   #2 (permalink)
BlackBerry God
 
penguin3107's Avatar
 
Join Date: Jan 2005
Model: iOS 5
Carrier: VZW
Posts: 11,701
Post Thanks: 1
Thanked 237 Times in 219 Posts
Default

What version and service pack is the BES?
__________________
BCSA
BES 5.0.3 MR4 :-: Exchange 2007 SP3 RU3
http://port3101.org
Offline  
Old 09-01-2008, 01:19 PM   #3 (permalink)
New Member
 
demar's Avatar
 
Join Date: Sep 2008
Model: none
PIN: N/A
Carrier: swisscom.com
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Sp6
Offline  
Old 09-02-2008, 04:13 PM   #4 (permalink)
Knows Where the Search Button Is
 
hugheser's Avatar
 
Join Date: Mar 2007
Model: 9000
Carrier: AT&T
Posts: 40
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

We got that error until we enabled FBA and Windows Auth. After that, it worked. If we had either of those selected without the other, it didn't work.
__________________
Brian
BES 5.0.1 for Exchange on Exchange 2007
Offline  
Old 09-03-2008, 03:02 AM   #5 (permalink)
New Member
 
demar's Avatar
 
Join Date: Sep 2008
Model: none
PIN: N/A
Carrier: swisscom.com
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I activated Forms Authentication. Still the same Problem.
On the “old” (2005) CWA you have to enable ajax (h t t p : / / w w w .microsoft.com/technet/prodtechnol/office/livecomm/library/cwa/planningdeployment/cwapdp_4.mspx).
Is it also necessary on the new CWA (2007)?
The ajax.dll on the CWA 2007-Server is no more available!
Offline  
Old 09-03-2008, 06:17 AM   #6 (permalink)
BlackBerry God
 
penguin3107's Avatar
 
Join Date: Jan 2005
Model: iOS 5
Carrier: VZW
Posts: 11,701
Post Thanks: 1
Thanked 237 Times in 219 Posts
Default

Wirelessly posted (Breaking Ball)

No, it's not necessary with OCS 2007.
__________________
BCSA
BES 5.0.3 MR4 :-: Exchange 2007 SP3 RU3
http://port3101.org
Offline  
Old 09-29-2008, 07:07 AM   #7 (permalink)
New Member
 
demar's Avatar
 
Join Date: Sep 2008
Model: none
PIN: N/A
Carrier: swisscom.com
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I have the solution!
The BES cannot build a secure connection (HTTPS) if the configured name for the connection with the CWA Server is not defined as “Subject” on the certificate. If you have multiple “names” on the certificate, the CWA Server (that is configured on the BES for the connection) must be defined as “Subject” in the certificate and not as ”Subject Alternative Name”!
Offline  
Old 10-16-2008, 06:53 PM   #8 (permalink)
Talking BlackBerry Encyclopedia
 
sniffs's Avatar
 
Join Date: May 2008
Model: 8310
PIN: N/A
Carrier: AT&T
Posts: 230
Post Thanks: 1
Thanked 0 Times in 0 Posts
Default

What cert should we be looking for? We see 3 certs and have checked all 3..

We're getting this same issue.

Also, in that "Forms" folder, there is no logon.html file.. The folder is actually blank. Is it supposed to be?
__________________
Your lack of planning is not my emergency.
Offline  
Old 10-17-2008, 02:32 AM   #9 (permalink)
New Member
 
demar's Avatar
 
Join Date: Sep 2008
Model: none
PIN: N/A
Carrier: swisscom.com
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Certificate:
1. Public Key Length 1024 Bits (not 2048)
2. No Subject Alternative Name
3. Enhanced Key Usage (also Client Authentication)
4. No intermediate signing authority.

It is not completely clear what solved the problem, but the order of liklihood is 2, 4, 1, 3.


The Forms folder is empty that is right.
Offline  
Old 02-17-2009, 03:15 PM   #10 (permalink)
New Member
 
Join Date: Nov 2008
Model: 8320
PIN: N/A
Carrier: tmobile
Posts: 4
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

if the configured name for the connection with the CWA Server is not defined as xxx8220;Subjectxxx8221; on the certificate. If you have multiple xxx8220;namesxxx8221; on the certificate, the CWA Server (that is configured on the BES for the connection) must be defined as xxx8220;Subjectxxx8221; in the certificate and not as xxx8221;Subject Alternative Namexxx8221;!

Where do I go to find this?
Offline  
Old 02-18-2009, 02:22 AM   #11 (permalink)
New Member
 
demar's Avatar
 
Join Date: Sep 2008
Model: none
PIN: N/A
Carrier: swisscom.com
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Open the Certificate Properties > Detail Tab:

Subject and Subject Alternative Name
Offline  
Old 02-18-2009, 09:19 AM   #12 (permalink)
New Member
 
Join Date: Nov 2008
Model: 8320
PIN: N/A
Carrier: tmobile
Posts: 4
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Is this on the BES or on the OCS server?
Offline  
Old 02-18-2009, 09:21 AM   #13 (permalink)
New Member
 
demar's Avatar
 
Join Date: Sep 2008
Model: none
PIN: N/A
Carrier: swisscom.com
Posts: 7
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Ocs Cwa.
Offline  
Old 02-18-2009, 10:21 AM   #14 (permalink)
New Member
 
Join Date: Nov 2008
Model: 8320
PIN: N/A
Carrier: tmobile
Posts: 4
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Still not working. I have don what you have said, but device won't connect. Any other suggestions.
Offline  
Old 02-18-2009, 10:31 AM   #15 (permalink)
New Member
 
Join Date: Nov 2008
Model: 8320
PIN: N/A
Carrier: tmobile
Posts: 4
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

This is what its showing in the logs now.

Cannot contact CWA server at; version of CWA cannot be determined due to IOException trying to contact host: Remote host closed connection during handshake

2009-02-18 10:05:56.953 EST:99, CWA server version could not be identified.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright © 2004-2014 BlackBerryForums.com.
The names RIM © and BlackBerry © are registered Trademarks of BlackBerry Inc.