BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 05-06-2008, 06:35 AM   #1 (permalink)
New Member
 
Join Date: Mar 2007
Model: 8700
Carrier: Vodafone
Posts: 11
Post Thanks: 0
Thanked 0 Times in 0 Posts
Exclamation Blackberry access to HTTPS sites

Please Login to Remove!

We are unable to access HTTPS web sites from our blackberry handheld devices. Have tried it on various devices, various users and various web sites but all come back with errors.



At first our devices were receiving the below error ;



"HTTP Error 403: Forbidden



You are not authorized to view this page...."



Since then we have had a new proxy server. To allow internet access via our new server I changed the proxy mappings to point to a PAC file (which our Internet Explorer Browsers are now also using) and although it has improved browsing on the handhelds, we still cannot access HTTPS sites. Error message is now ;



"HTTP Error 400: Bad Request



The server could not understand the page request, or was unable to process it for some reason..."





vodafone have told us that we may be blocking access to HTTPS sites and that we need to allow this access in Blackberry Manager. I've trawled the settings and Policies but can't see what option to change? I've even used the default policy for myself but this wont allow access to HTTPS sites either.



Any help or advice appreciated!!



thanks





We are running BES server with Lotus Domino. BES v4.1.2.25.
Offline  
Old 05-06-2008, 06:58 AM   #2 (permalink)
Knows Where the Search Button Is
 
Join Date: Aug 2006
Location: Atlanta
Model: 9630
Carrier: Sprint
Posts: 36
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I think the settings you are looking for are in the MDS settings in BES Manager. When you open the <server>_MDS-CS properties, then click Edit Properties, you can HTTP and HTTPS access options.
Offline  
Old 05-06-2008, 08:09 AM   #3 (permalink)
New Member
 
Join Date: Mar 2007
Model: 8700
Carrier: Vodafone
Posts: 11
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I've checked and under TLS/HTTP and there are options for "Allow Untrusted HTTPS connections - False" and "Allow Untrusted TLS connections - False". Nothing else. How do I define what are 'trusted' and what aren't?
Offline  
Old 05-07-2008, 08:41 AM   #4 (permalink)
New Member
 
Join Date: Mar 2007
Model: 8700
Carrier: Vodafone
Posts: 11
Post Thanks: 0
Thanked 0 Times in 0 Posts
Post MDAT Log - Warnings

In the MDAT Log the following warnings appear .... (note that IPs and server names have been removed/amended)..... ;

"... 11:14:40.084 BST>:[4281]:<MDS-Server-2>:<DEBUG>:<LAYER = IPPP, EVENT = Receiving, TAG = 1915172643, DEVICEPIN = 2540ae8e, USERID = u279, VERSION = 16, CONNECTIONID = 1192274869, SEQUENCE = 0, TYPE = CONNECTION-REQUEST, CONNECTIONHANDLER = https, PROTOCOL = TCP, PARAMETERS = [blackberry.paperiq.com:443], SIZE = 1047>
11:14:40.084 BST>:[4282]:<MDS-Server-2>:<DEBUG>:<LAYER = IPPP, EVENT = CreatedReceivingQueue, USERID:CONNECTIONID = u279:1192274869, ReceivingQueueSize = 1>
11:14:40.084 BST>:[4283]:<MDS-Server-2>:<DEBUG>:<LAYER = IPPP, EVENT = StartExecuting, TAG = 1915172643, DEVICEPIN = 2540ae8e, USERID = u279, VERSION = 16, CONNECTIONID = 1192274869, SEQUENCE = 0, TYPE = CONNECTION-REQUEST, CONNECTIONHANDLER = https, PROTOCOL = TCP, PARAMETERS = [blackberry.paperiq.com:443], SIZE = 1047>
...
...
11:14:40.099 BST>:[4288]:<MDS-Server-2>:<DEBUG>:<LAYER = IPPP, PAC returns: 10.1.2.3:80;10.1.2.4:80;10.1.2.5:80;10.1.2.6:80 for https://blackberry.paperiq.com/pen.aspx>
11:14:40.099 BST>:[4289]:<MDS-Server-2>:<WARNG>:<LAYER = IPPP, Invalid HTTP Proxy Server: null proxy1.domain.co.uk80>
11:14:40.115 BST>:[4290]:<MDS-Server-2>:<WARNG>:<LAYER = IPPP, Invalid HTTP Proxy Server: null proxy2.domain.co.uk:80>
11:14:40.115 BST>:[4291]:<MDS-Server-2>:<WARNG>:<LAYER = IPPP, Invalid HTTP Proxy Server: null proxy3.domain.co.uk:80>
11:14:40.115 BST>:[4292]:<MDS-Server-2>:<WARNG>:<LAYER = IPPP, Invalid HTTP Proxy Server: null proxy4.domain.co.uk:80>....."

The same PAC file is in use for HTTP sites and it works fine.....Does this help give an indication into the issue?
Offline  
Old 05-08-2008, 07:17 AM   #5 (permalink)
New Member
 
Join Date: Mar 2007
Model: 8700
Carrier: Vodafone
Posts: 11
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I have got a little further in my investigations...!

I've noted that the listening port for HTTPS (8443) doesn't appear to be open on our BES server. 8080 (for HTTP traffic) is open and is opened when the MDS service is started but 8443 isn't.? Not entirely sure how/when/why this port should open but it's something else to look into.... Can anyone tell me at which point 8443 (listening port for TLS/HTTPS) should be opened???
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.