I was wondering if I could get some clarification on the encryption pieces.

I know there is a setting to force HTTPS for all Internet based traffic.
This is done on the properties of the server on the general tab. GMS also
states that all traffic is already encrypted. When you look at the
profile settings for Encryption, it is already enabled with AES by
default. Is there a security advantage to the HTTPS? Does the AES only
apply to mobile sync and not the web interface and that is why HTTPS is an

It was stated in the documentation that only public certificates from
Verisign or similar Internet Certificate Stores would work. Is this true
and is this the only way? I ask this because I have used other products
where the application only works if the certificate is recognized as valid
and does not prompt you to accept/decline instead.

I know in some cases you generate an internal certificate using your AD
Domain or NDS and manually import it on the mobile device. You can then
use this internal certificate for IIS to enable HTTPS. The mobile device
would then be able to recognize the certificate as being valid. I know
some applications have a limitation where they can not use imported
certificate authorities. Would this process work or is only solution a
company like Verisign?

I have been told before that communication between the agents is already
encrypted GroupWise traffic. Is SOAP the same way with GW Mobile Server or
doe you really get a benefit out of SSL? I know you can turn it on and
off, just wondering if turning it on really accomplishes the change from
clear text to encrypted.