This was sent via email to all customers on April 2, 2004:

Dear iAnywhere Customer,

We wish to bring to your attention the expiry of SSL certificates used
by the AvantGo M-Business Server (including Mobile Inspection). This
notification is for advance planning purposes. Software updates using
a new SSL certificate may be available as early as April. These
updates will be made available to customers who register as described

The AvantGo Root Certificate, which we use to create SSL certificates,
is expiring as of July 31, 2004. Because of this, anyone using
AvantGo-issued SSL certificates will need to get new certificates, and
updated clients that work with the new certificates. Starting on
August 1, 2004, existing clients will no longer be able to sync

By getting a new certificate and upgrading your clients before August
1, you will avoid problems related to SSL. We are working on
solutions that will allow you to continue operations without any
problems, and we expect to be able to give you more details over the
coming months.

What you need to do now:
Please register your interest in obtaining updated software by
completing the following form:


Q. Whom will this affect?
A. Anybody using M-Business Server (including the Mobile Inspection
application) to synchronize securely with an SSL certificate that was
issued by AvantGo.

Q. We don't use SSL. Will this affect us?
A. No.

Q. We use an RSA certificate. Will this affect us?
A. No.

Q. I don’t remember if my certificate was issued by AvantGo – how do I
A. On a Windows machine double-click on your certificate file.
Alternatively you may open the file avantgoserver\conf\sync.conf and
search for a line that does not start with a pound sign (#) and
contains the text "Sagd_CertFileName". If you find this, then you
have an SSL Certificate from AvantGo.

Q. When will this affect us?
A. If you do not do anything, it will affect you starting August 1,

Q. Why is this happening?
A. AvantGo uses a Root Certificate to create SSL certificates. It is
expiring, and therefore all certificates that were generated with this
Root Certificate will expire. This includes the server certificates we
generate for customers as well as the list of trusted certificates
embedded in the M-Business clients. Because of this, only new or
updated clients will be able to connect securely after August 1, 2004.

Q. What do we have to do to prevent this from happening?
A. Two things:
(1) Upgrade the clients to ones that trust the new certificate.
(2) Obtain a new certificate from us that has been created with an
updated root certificate. You should do this after your clients have
been updated.

Q. How do I upgrade the clients?
A. There are two options.
(1) You can upgrade to M-Business Server v5.5 when it becomes
available. If you have a current maintenance agreement, you can
upgrade your devices to this version at no charge. (One new feature in
version 5.5 is that the list of trusted certificates will no longer be
embedded. This will allow certificates to be updated without updating
the client software.)
(2) We also plan to ship updated client software of versions 3.6, 4.2,
5.1, 5.2 and 5.3. You may use this option if you do not want to
upgrade to version 5.5. Updated client software for these versions
will ship after the M-Business Server 5.5 release. To get access to
these updates, please register your interest at

Q. How do I get a new certificate?
A. You can get a new certificate (at no charge) by running the reqtool
that ships with M-Business Server and emailing the results to .

Q. If we do nothing, what will happen on August 1?
A. When clients try to connect securely, they will get an error
message saying there's been a certificate error and recommending that
they check their device's clock.

Q. What workarounds are there if I encounter this problem on August 1?
(1) If your users are in this situation and your server is set to
allow insecure connections, you have the option of having your users
disable secure connection in AvantGo Connect until you can perform the
(2) Your users can adjust the clock on their device to some date
before August 1, 2004.