Evo Update fixes Exchange 2010 Active Sync issue

I just verified that the update to the Evo from 28 June 2010 fixed the issues with Exchange Active Sync and Exchange Server 2010. Great news for Evo users. I am still hoping Sprint/HTC/Google puts out a fix for the Hero.

Sprint Froyo update

It seems as if Sprint will be releasing Froyo (Android 2.2) for the Evo, but not for the Hero or the Moment. Sad…. looks like I will be rooting my Hero and upgrading to a different build of Froyo.

Fix for the Evo – Exchange EAS Issue Coming?

I just read that there is an update for the Evo that fixes the Exchange EAS issues I have blogged about at length. It is supposed to be available June 28th. I hope that Sprint also updates the Hero. I will post more as I find about it.

Regarding Android and Exchange Sync

So, I found out what is going on. The Android device tries to contact the Exchange Server to create a profile. The Exchange Server is responding and asking for the Android device to acknowledge the current corp policy. No response from the Android device after that. The Android device won’t acknowledge and keeps retrying its previous command. This is purely a device-side issue and HTC’s standard response is, “We don’t support Exchange 2010”. The devices seem a bit flaky, sometimes establishing the profile and syncing fine after multiple configuration attempts. At this time, the only solution for the end-user that works consistently is to buy/use Touchdown, the 3rd party EAS application for the Android devices.

The Evo and .CER Files

I just discovered that the Evo will recognize and allow the installation of .CER files. However, doing so did not make a difference with respect to the Exchange Active Sync issues I have been having with it (and the Hero). I am in the process of moving my mailbox back to Exchange 2007. I will try both the Hero and Evo once the move is done. I will also try the Kin Two (I just got one today, and it is having issues with Exchange 2010 as well).

More about Android and PKI Certificates

I have been working with DoD PKI certificates for some time. On other mobile devices, there is a requirement for the DoD Root Certificates to be installed on the phone. These certificates are presented as .CER files, and the devices install them locally as trusted root certificates. The server that the device is trying to connect to then has a private SSL certificate which chains back up to the root that the device trusts. The device and server then create an SSL connection over port 443.

On Android devices, there is no capability to allow the installation of public .CER files into the local trusted certificate store. You can install a personal/private certificate (PCKS #12/.PFX), but this does not satisfy the situation described above where the connection is looking to match the public certificate root installed on the device with the private certificate installed on the server (and this certifitcate chains up to the root).

At this point, Android does not seem to require the public certificate to be installed on the device for Active Sync to work. Hopefully, that will change in the future.

Broke EAS on my Hero….

I was trying to configure another EAS account on my Hero today, so I removed the one I had working. When I was done testing, I went back and tried to add the original account back, and I am getting the same “Failed to create account” error.

This time, I will try to see when it starts to work and why.