Question : Configure iPhone with Exchange 2003

Hi all, one of our clients has an iPhone he needs to sync with Exchange 2003. I have walked him through setup on the iPhone side, but we cannot connect to Exchange. There does seem to be some certification issues when trying to access 'mail.example.co.uk'.
Could someone point me in the right direction to getting this sorted? I think once the mail domain issue has been resolved, syncing the iPhone will be a breeze.

This is the message I get when trying to resolve the mail domain..

There is a problem with this website's security certificate.
The security certificate presented by this website was not issued by a trusted certificate authority.
The security certificate presented by this website has expired or is not yet valid.
The security certificate presented by this website was issued for a different website's address.

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.  
  We recommend that you close this webpage and do not continue to this website.  
  Click here to close this webpage.  
  Continue to this website (not recommended).  
     More information


If you arrived at this page by clicking a link, check the website address in the address bar to be sure that it is the address you were expecting.
When going to a website with an address such as https://example.com, try adding the 'www' to the address, https://www.example.com.
If you choose to ignore this error and continue, do not enter private information into the website.

For more information, see "Certificate Errors" in Internet Explorer Help.
 
There is a valid certificate, all A records etc seem to be correct. Its as if there shouldnt be anything wrong. Any help would be appreciated!

Thanks

Answer : Configure iPhone with Exchange 2003

Here is my checklist for Activesync so that you can make sure all is well:

You need to make sure that you have Exchange Server 2003 Service Pack 2 Installed - http://www.microsoft.com/downloads/details.aspx?FamilyID=535BEF85-3096-45F8-AA43-60F1F58B3C40&displaylang=en

Open Up Exchange System Manager - Start, Programs, Microsoft Exchange, System Manager.  Expand Servers, Right-Click your server and choose properties.  This will display whether you have SP2 installed or not.

If you have installed SP2, check on https://testexchangeconnectivity.com running the Exchange Activesync check.  You may need to tick the Ignore Trust for SSL check box if you have a self-signed certificate as these always fail.

Ensure that port 443 is open and forwarded on your firewall to your Exchange server.

Please check and mirror the settings below - Open up IIS and expand the default website then Click on the Directory Security Tab:
 
Exchange Virtual Directory
·         Authentication = Integrated & Basic  
·         Default Domain = NETBIOS domain name - e.g., yourcompany  
·         Realm = yourcompany.com  
·         IP Address Restrictions = Granted Access  
·         Secure Communications = Require SSL NOT ticked  

Microsoft-Server-Activesync Virtual Directory
·         Authentication = Basic  
·         Default Domain = NETBIOS domain name - e.g., yourcompany  
·         Realm = NETBIOS name  
·         IP Address Restrictions = Granted Access  
·         Secure Communications = Require SSL NOT ticked  

Then issue IISRESET from Start, Run

Make sure that the name on the certificate that you are using matches the FQDN that you are connecting to e.g., mail.microsoft.com.  If it does not match, either re-issue the certificate if you created it yourself, or re-key the certificate from your SSL certificate provider.

Ensure that the IP for the Default Website is set to All Unassigned

Ensure that Forms Based Authentication is NOT turned on under HTTP Virtual Server under Exchange Protocols.  If it is  read http://support.microsoft.com/kb/817379

ASP.NET should be set to version 1.1 for all virtual directories listed above.