I'm trying to set up an executive's new Pocket PC phone to synchronize with our Microsoft Exchange Server system. I've configured Microsoft ActiveSync on the device with the DNS name of our Microsoft Outlook Web Access (OWA) server on the Internet as well as the executive's username and password, but the initial sync fails each time with error code 0x80002F0D. What's the problem?
Error code 0x80002F0D means that the Pocket PC doesn't trust the certificate presented by your OWA server when it and the Pocket PC device are setting up the Secure Sockets Layer (SSL) connection that will protect the data sent between the server and the device. The distrust is probably because the certificate presented by your OWA server was signed by your inhouse Windows Server Certification Authority (CA), which of course is absent from the default list of commercial CAs (such as VeriSign and thawte) on your phone. You have two choices: You can either purchase a new Web server certificate from a commercial CA that's supported by the Pocket PC (starting at about $200) or you can configure your device to trust the root certificate of your inhouse CA. Buying a certificate is preferable if you have a large fleet of devices to deploy because it eliminates a step in the setup process for each device. But if you have a small number of devices, you can easily add your CA's self-signed certificate to each device's list of trusted CAs to solve your problem.To do so, you first need to obtain your CA's certificate. On the Pocket PC, point the Web browser to \\CA1\ certsrv, where CA1 is the computer name of your CA. Click Download a CA certificate, certificate chain, or CRL, then click Download CA Certificate and allow your device to install the certificate. Then open the certificate on the Pocket PC. When you do so, the device will automatically ask you to confirm adding the certificate to the list of trusted CAs.