DisableCertChk and WM5

[tags:Windows Mobile]

At last! I found the solution to Active-stink complaining about an invalid SSL certificate during server sync (my company uses wildcard certificates – not supported on WM5).

Surprisingly (or not), the registry on Windows Mobile devices is very familiar if you have ever looked at the registry on a regular PC. Anyways, to disable Cert Checking, you navigate to the following location:


Here you should notice 2 sub-keys, both with a unique UID. One is set up for the ActiveSync Partnership with your PC, the other is set up for the partnership with your Exchange server. Fortunately, it is fairly easy to distinguish between the two. Simply highlight one of them, and look at the different values. You’ll see pretty quickly which one is for your Exchange server. While the partner key for your Exchange server is highlighted, create a new value with the following

Name: secure
Value: 0

Thanks to Ben Winzenz, you saved me going bald dude.


3 thoughts on “DisableCertChk and WM5

  1. http://

    If only this worked on WM6 🙁

    I want to sync over VPN – seems that there is a bug in WM6 where VPN work exceptions (the list that triggers VPN connection) doesn’t like a FQDN. So for the connection to work i call my exchange server “webmail” but then I get the dreaded SSL name mismatch error. If I put in “webmail.mydomain.com” I don’t go over the VPN.

    If I could turn off cert checking, I would be golden.

  2. http://

    WM6 accepts wildcard certificates by default. We had to do the above registry hack an all our WM6 devices, but the WM6 devices worked right out of the box…

  3. http://

    Can the registry be edited to allow partnerships with more than two pc’s?
    For instance two desktops and one or two notebooks, with usb cable or bluetooth.

Comments are closed.