Windows Phone 8 Fails to Enroll
|Article:TECH215129|||||Created: 2014-02-18|||||Updated: 2014-02-19|||||Article URL http://www.symantec.com/docs/TECH215129|
|NOTE: If you are experiencing this particular known issue, we recommend that you Subscribe to receive email notification each time this article is updated. Subscribers will be the first to learn about any releases, status changes, workarounds or decisions made.|
When attempting to enroll a Windows Phone 8 device over SSL into Symantec Mobile Management, the agent fails to authenticate or bypass the initial agent enrollment step. Upon entering the enrollment URL and valid username and password, the agent almost immediately reports an error.
Error: Could not connect to server.
Symantec Mobile Management 7.2 SP3, SP3 MR1
Environments that require SSL communication from device to the Mobile Management Server must use an SSL certificate installed at the web server. Certain organizations use a certificate authority that is "in-house" only and not a commonly trusted and public CA. Windows Phone 8 mobile devices may not trust SSL certificates signed by these type of in-house certificate authorities.
Pre-installation of the in-house certificate authority root certificate or the web server SSL certificate on a Windows Phone 8 device may not resolve the issue.
Due to the disposition of Windows Phone 8 and corresponding trusted certificate authorities, Symantec recommends using a public certificate authority trusted by the Windows Phone device - such as Verisign.com. This commercial SSL certificate should be used on the Mobile Management Server or reverse proxy to handle SSL communication between the device and server.
Article URL http://www.symantec.com/docs/TECH215129