All other methods of Activesync and web access to my Exchange server are working fine with no errors or issues, but when we attempt to configure Android phones for the server, it will only work with 'verify certificate' checked off.
Ideally, I'd like my users to be able to use the default configuration, which includes the 'Verify Certificate' option.
My primary question is: 'What does Verify Certificate do?', as I imagine if I knew that, I might have some idea why it isn't working.
Verify Certificate will require all certificates in the chain to be valid--trusted, within the date range, etc. It might be your OWA certificate, or an intermediate one neither present on the server nor device--see http://support.microsoft.com/kb/927465
Some versions of Android do not trust certificates from some of the GeoTrust CA's.
https://code.google.com/p/android/issues/detail?id=10807
https://code.google.com/p/android/issues/detail?id=10985