Well we’ve seen a fair amount of reminiscing in the blogs to date. It’s interesting even to me to hear from the Exchange veterans about the high-flying times back in the 4.0 and 5.5 days. I’m a ...
Updated Jul 01, 2019
Version 2.0
Blog Post
Hi Simon,
As I explained in my previous post, the list of certs installed on your client device is likely irrelevant, as the WAP gateway is probably doing all negotiation and encryption. If the problem is indeed due to SSL handshake failing, you have two options:
- Purchase a server SSL certificate from a well-known, trusted authority
- Negotiate with AT&T Wireless to install your custom certificate signature on their WAP gateway.
What you are hitting on, is an issue of WAP 1.x protocol falling short on providing adequate SSL facilities. Since pre-WAP2.0 phones can not speak SSL directly, translation facility was offered on gateway machines on mobile operators' network edge. It makes sense for an operator to configure their gateways to only trust well-known certificate issuers, in order to protect their customers from spoofing attacks. Unfortunately this means that sites which use custom certificates, or certificates with inconsistent information (like your Verisign test one) may not be accessible from any devices on said carriers' network. This is fixed with direct SSL capabilities of WAP 2.0; however both your device and the carrier gateway must support this feature for it to work.
Please keep in mind that SSL negotiation failure is a likely suspect for your experiencing the HTTP 500 error, but it may not be the actual problem after all. There is not enough information here to really troubleshoot. I'd suggest giving our PSS folks a call if you want to explore other avenues of resolving this issue.
Good luck!
Alex
As I explained in my previous post, the list of certs installed on your client device is likely irrelevant, as the WAP gateway is probably doing all negotiation and encryption. If the problem is indeed due to SSL handshake failing, you have two options:
- Purchase a server SSL certificate from a well-known, trusted authority
- Negotiate with AT&T Wireless to install your custom certificate signature on their WAP gateway.
What you are hitting on, is an issue of WAP 1.x protocol falling short on providing adequate SSL facilities. Since pre-WAP2.0 phones can not speak SSL directly, translation facility was offered on gateway machines on mobile operators' network edge. It makes sense for an operator to configure their gateways to only trust well-known certificate issuers, in order to protect their customers from spoofing attacks. Unfortunately this means that sites which use custom certificates, or certificates with inconsistent information (like your Verisign test one) may not be accessible from any devices on said carriers' network. This is fixed with direct SSL capabilities of WAP 2.0; however both your device and the carrier gateway must support this feature for it to work.
Please keep in mind that SSL negotiation failure is a likely suspect for your experiencing the HTTP 500 error, but it may not be the actual problem after all. There is not enough information here to really troubleshoot. I'd suggest giving our PSS folks a call if you want to explore other avenues of resolving this issue.
Good luck!
Alex