Fix For Exchange 2007
OK, I fought this all day today for a client, and finally got it working. I hope this will help some of you.
First, we were using a self-signed certificate. Froyo doen't seem to like these, even with the "Accept All" box checked. So, get a third party cert. I used a 90 day trial from Comodo, with the intent to renew (at $350 for 5 years, it's a BARGAIN). Replace your current cert with the new one and make sure it services at least IIS (use Get-ExchangeCertificate in the Management Shell).
With this done, still no success. Going in via a browser on a workstation worked great - no more warnings about the certificate. When I tried the Droid browser, it said the cert was not from a trusted authority. So, two more steps to take.
Step 1 - In the Management Console, browse to Server Configuration-Client Access. Click the Exchange ActiveSync tab. Right-click the web site in question and choose Properties. Choose the Authentication tab and select Ignore Client Certificates. Click OK.
Step 2 - Open IIS Manager and expand the web site in question. Right-click on Microsoft-Server-ActiveSync and choose Properties. Click the Directory Security tab and then click Edit under Secure Communications. Again select Ignore Client Certificates. BTW - you should have Require SSL and 128-bit encryption checked. Click OK twice.
Exchange sync should now work. You might need to set the account up again, but I was doing this from scratch as my client had deleted his account before calling me.