Hello,
First of all sorry for my english. I will try to be the most clear I can :)
I ve a major trouble using sqlce 3.5 to sync against a domain member server. Here is the scenario :
- DC 2008 R2 with CA entreprise root service which issue certificats for all my domain, using sha1 signature. I know it could be an issue, but as I will explain I exclude it.
One member server is used for all the database and sync feature :
- SQLServer 2005 ent. with distribution, publication and subscriber enable.
- IIS installed, with SQLCE 3.5 sp2 and a website configured for the end device web sync
- computers running C# program doing sqlce 3.5 sync, with windows authentication throught SSL with a IIS certificat issued by my 2008 CA
What is working :
- [mywebsite]/sqlcesa35.dll?diag all is green, except 10.0 Database Reconciler because I don't have 2008 installed. It works from any computer, domain member or not.
- sync from any domain member from the LAN and the internet
I use a domain user who has right in the database, the website and the share containing the data to replicate.
- CA root certificat install on untrusted computer.
- SSL server certificat signature trusted by installed root certificat
What is not running
- sync from untrusted computer, even in the LAN.
Every time I sync, I get a 28037 sqlce error.
As I ve found and understand, I can exclude the SHA1 error because domaine computer are able to work with SSL connection, even if the ca root cert use the sha1 signature. maybe being an untrusted computer could cause a trouble but I don t thing.
I ve also tested with sql managment tool, from untrusted computer with the relevant .sdf file and proper subscription already configured but empty (with a blank initial sync), and I still getting the 28037 error when I start the sync from the computer.
If someone has an idea to deal with domain and unstrusted computer, you will help me more than you think