Hi all,
In order to get email push technology on my XDA, I need to install the Equifax Secure Global eBusiness CA-1 certificate (at least according to the guy who helps me with my IT needs).
The problem is that the XDA tells me "Security permission was insufficient to update your device".
Does anyone know a work-around?
Related
Basically when i sync to exchange, they expect both the exchange server + client to have a valid ssl cert. We dont have, so during the WM2003, there is a file call disablecertcheck, that would disable the cert checking
so it will be able to sync without the cert but in WM5, i cant find the files yet, so i need to know is the file disablecertcheck out for WM5, + if it isnt, any patches / cabs / registrys i can change
i downloaded it http://www.microsoft.com/downloads/...B8-8B3A-4F1D-8E94-530A67614DF1&displaylang=en
any updates on this issue ?
I never had luck with DisableCertChk. I found this posting awhile back and it was the most informative I've seen. http://jayseae.cxliv.org/2004/11/04/smartphone_activesync.html
What I did is search Google with "usercerts.msc site:microsoft.com". You'll see a TID referring to Pocket PC 2002, don't worry. Download the addroot cert which is actually ... http://download.microsoft.com/download/pocketpc/addroot/1.0/wce/en-us/addrootcert.exe. Export the certificate per Ethan's instructions from the first link, copy and install it to your device. I hope that this helps.
Steven
hi guys,
i tried the way as mentionned but, i get the following error
The security cert on the server is invalid. Contact your exchange server administrator or ISP to install a valid cert on the server
I assume you're running Exchange 2003? A perhaps even easier way is to open your OWA page with Internet Explorer and install the certificate on your PC when prompted. Then open Internet Options, Content, Certificates, Trusted Root Certification Authorites. Find your server's certificate and export to a DER encoded binary which you can install on your device. I always put my certificates on my SD card so's I can install easily whenever I upgrade my Pocket PC.... which is quite often ;-)
Luckily with WM5 I don't have to do that anymore!
If you need anymore help, just ask.
Steven
I tried this, but no luck. It still says that the certificate on the exchange server is invalid.
I am trying to run a program that a friend gave me when he upgraded phones.
I have a T-Mo MDA with the latest T-Mo USA ROM on it.
Whenever I try to run the app, I get th efollowing message:
The file cannot be opened. Either it is not signed with a trusted certificate, or one of its components cannot be found. You might need to reinstall or restore this file.
I verified that all the files are there, and everything is in one directory. How can I alter/add "trusted certificates"? Do I need to unlock my phone for it to run?
Thanks!
With a simple click of the "Search button" I found THIS topic. Read over it.
Wolvereen said:
I am trying to run a program that a friend gave me when he upgraded phones.
I have a T-Mo MDA with the latest T-Mo USA ROM on it.
Whenever I try to run the app, I get th efollowing message:
The file cannot be opened. Either it is not signed with a trusted certificate, or one of its components cannot be found. You might need to reinstall or restore this file.
I verified that all the files are there, and everything is in one directory. How can I alter/add "trusted certificates"? Do I need to unlock my phone for it to run?
Thanks!
Click to expand...
Click to collapse
try the registrywizard, available on this forum or try:
http://forum.xda-developers.com/showthread.php?t=275081&highlight=registrywizard
Thanks guys,
I found the following, however I am stuck at step 1. Can either of you assist with issuing a "Code Signing Certificate"?
Sorry, I guess I am a bit more nube than I thought...
FYI - Registry Wizard has no effect... Says my device has AKU 2.3.0 and some options will be diabled? However, "Disable Security Warnings" is checked. I applied and soft reset, still no love...
Yes I tried it and it works!
1.First you have to issue a Code signing certificate:
- Add a code signing template using Certification Authority snap-in
- Issue a code signing certificate
2. Download and Extract code signing tools:
http://ftp.intron.ac/pub/security/ra...signingx86.exe
3. Run signcode.exe on WM5 executable file using the certificate you created earlier.
4 Copy executable file to WM5 device
Hello,
Yesterday I get my repaired HTC TyTN II mobile phone (not branded). Now I found WM6.1 on it. Because of the Hardwarereset I need to do a new cab file installation of some needed programs.
At the moment I was able to install some bought software and also to add our Exchange 2007 Server (self-made certificate by our ActiveDirecty Certificate Authority).
Some other bought software and of course all freeware cab files aren't possible to install. I get allways the error message: "Die Installation ist fehlgeschlagen. Das Programm oder die Einstellung konnte nicht installiert werden, da es/sie nicht digital mit einem vertrauenswürdigen Sicherheitszertifikat signiert ist."
Sorry for the german error message. It means, that the cab file has no digital certificate or a digital certificate from a non trustworthy CA. It isn't possible to accept this message and install the software as it was possible by WM6.0.
I read in the forum and of course a lot of other help websites on the web about certificates. Also how to put a new certificate on cab files.
So I got from our CA a personal code signature and gave those files a new digital certificate, but that didn't work. I get the same message - the cab files have a good certificate (file property under Windows Vista showes that). Our root certificate is installed on the mobile phone => Exchange Sync works.
What can I do, that I'm able to install all cab files? Why is my own certification not trustworthy? The root certificate is correctly installed on the device => Exchange Sync works.
Hopefully someone is able to help me.
Forgive me if I'm wrong, but I think 2 things got mixed up here.
Windows Mobile requires CABs to be digitally signed by the makers of the program in order to install it. If it hasn't been done, WM will ask you if you woudl still like to install it, even if it's not digitally signed.
Exchange requires the Root certificate from the Exchange server to be installed via CAB to ensure a secure connection, identity check,... No certificate, no exchange.
=> regular CAB installations: I remember someone asking the same question some time ago, but I can't find his post. I attached a screenshot of the bubble I get. Is yours the same (ignoring the language differences)? Or are you getting another type of notification bubble or popup? Really no continue anyway option (that would really s*ck...)
Try disabeling it by using Kaisertweak (http://forum.xda-developers.com/showthread.php?t=333898). Check under 'security' and look there for disabling the warning. Soft reset after disabling it.
=> Exchange: As I said, it needs the server's Root cert to install. But I guess there were no problems here...
Good luck
@Dr. Strangelove: Thank you for your answer.
Dr. Strangelove said:
Forgive me if I'm wrong, but I think 2 things got mixed up here.
Click to expand...
Click to collapse
No not really. I tried to authorize the files, that have no certification. The root certificate of the used code signature is the same which is used for the Exchange Server synchronisation.
The root certificate was installed directly with a *.cer file (no CAB File).
Dr. Strangelove said:
=> regular CAB installations: I remember someone asking the same question some time ago, but I can't find his post. I attached a screenshot of the bubble I get. Is yours the same (ignoring the language differences)? Or are you getting another type of notification bubble or popup? Really no continue anyway option (that would really s*ck...)
Click to expand...
Click to collapse
That was the message I found with WM6.0. Now I get an different message. If the CAB file has a wrong or no digital certificate, then no installation...
...really no continue option.
I think I tried already Kaisertweak. There was a simular message. I'm not able to run it. I am not certain, therefore I will try it again.
However I don't want to deactive the warning. I want only to install or run even there is a warning.
[edit]Ok, I tried it again. The same error message: "Die Datei 'KaiserTweak' kann nicht geöffnet werden. Sie ist nicht mit einem vertrauenswürdigen Sicherheitszertifikat signiert."
In english it means, that the KaiserTweak.exe file has no certificate and it isn't possible to run it.
[/edit]
Optional it should be possible to authorize the file with an own certificate and install that. Then there should be no reason to change the new WM6.1 feature....
Andyt8 said:
What can I do, that I'm able to install all cab files? Why is my own certification not trustworthy? The root certificate is correctly installed on the device => Exchange Sync works.
Click to expand...
Click to collapse
Get with your exchange server admin, they have your security policy locked down on your device. When you sync with the server it pulls your user rights from the server, if you dont have the correct permissions then it will limit your ability to do certain things on your device.
shogunmark said:
Get with your exchange server admin, they have your security policy locked down on your device. When you sync with the server it pulls your user rights from the server, if you dont have the correct permissions then it will limit your ability to do certain things on your device.
Click to expand...
Click to collapse
Thank you for your answer. I forgot, that Exchange 2007 SP1 has more security policies for WM6.1.
Now I'm able to run all kind of installation.
Hi there since installing the shazzam trial i have lost facebook and xtract programs and basically just get an error message "the file XXXXXX cannot be opened, either it is not signed with a trusted certificate or one of its components Blah blah blah"
could this be a DRM licence issue
its just that facebook (dl'd from windows mobile website!!!) and extract (dl source unknown are two of my most used programmes.
anyone else had this problem or can shed light on the situation ?
how can I have root certificate installed? It seems that I don't have any installed on my N1, can't seem to complete the authentication process. The simplified guide is not useful when root certificate is not installed in the first place.
http://www.its.monash.edu.au/wireless/wireless-inst-linux.html
Can anyone help? Thanks! Is there an app to fix this problem? I can't convert this .cer certificate into a version that is compatible with android