The curl error you're getting is an error 60 which means "Peer certificate cannot be authenticated with known CA certificates."

You'll need to add the CA certificate onto the N900 (save to the N900, then open in the file manager - it should prompt to install to the certficate store).

As I have stated before, I have done this, I have added the root certificate to the store.

Can you just confirm what format the cert was saved as, some of the guys reported that it only worked for base 64 x509 .cer format, and you browsed the cert using the file manager and installed from there.

That's the error you're getting, so if you've installed the (correct) CA certificate, and it shows in the Certificate Store, then it's supposed to work. As it's not, then I guess you'll have to wait for Vitaly to chime in on this.

Yes. (you can see the export parameters in attached file).

That shows no certification path, which probably means it is untrusted cert.

see this post by Vitaly

http://talk.maemo.org/showpost.php?p...9&postcount=33

yes, it is self signed, but should there be something more special set to the certificate?

Hi all,
Thanks to this forum I think I have finally been able to sync reproducibly to mail for exchange! Here is what I have found:
I started, as most, trying to sync and getting the error "either exchange server requires secure connection or account is disabled" (I’m running Firmware v: 1.2009.42-11)
So I imported a Certificate since the program does not do it automatically (Please Nokia this should be fixed!). Like Mikec wrote in a previous post: if you have OWA (outlook web access) surf to it using your computer. (if not request the certificate(s) from your administrators), You will notice a padlock at the end of the address bar on IE7, Click the padlock, Click "view certificates", Click the "Details" tab, Click "Copy to File", A Wizard will start up. If you have a certificate chain like we do, just exporting to a Base-64-encoded X.509(.CER) will not work! You can see the certificate but the install will not appear. Create instead a PKCS 7 (.P7B) and include all certificates. Click next and save it somewhere. Now open the file and you will find a different view. Go to the certificates and start the procedure again for all of them in the chain to Base-64-encoded X.509(.CER). We have 3 in our chain (4 including the user certificate that you will not be able to import. (actually you can import the PKCS 7 file into the N900, but I have not tried to see if it works) I installed PC suite and copied the 3 files over to my N900 via Bluetooth.
1. I confirm that: exchange 2003 does not work, but 2007 does. Very few systems work with 2003 because it is not a good program! 2007 must also be set to allow non-provisionable devices.
2. The Region for some reason needs to be the same in the system and in MFE (if you use settings -> mail for exchange, you don’t have to set this and is not an issue.)
3. The missing point that I discovered, when importing the certificates they must be set as “server” and not as “E-mail”…..go figure!
I think that is all, Thank you all for your posts!

I've noticed that MfE account is not kept synchronized even after setting "Always on" in sych settings. It seems like it looses the actual connection with the exchange server after some time.

I think that is common problem with all mail account types in N900, had problem with Nokia Messsging and even POP3 looses connection time to time causing wierd behavior.