BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 12-05-2012, 07:39 AM   #1 (permalink)
Knows Where the Search Button Is
 
Join Date: Sep 2012
Model: 8520
PIN: N/A
Carrier: o2
Posts: 36
Post Thanks: 2
Thanked 3 Times in 3 Posts
Default https issues bes 5

Please Login to Remove!

I migrated all our users to bes 5.04 and I have since had a few reports from users that https websites are no longer working. After looking in the problem it appears to be a relatively common problem. I found these related KB

hxxp://btsc.webapps.blackberry.com/btsc/viewdocument.do?noCount=true&externalId=KB20833

hxxp://btsc.webapps.blackberry.com/btsc/viewdocument.do?noCount=true&externalId=KB22536

I have tried to enable "Allow untrusted servers Yes" on the mds https settings. But this has not resolved the problem.

The question I have with this problem is why is it occurring to begin with? I am getting this error when going to hotmail.com but not paypal.com.

Obviously I would prefer not to allow untrusted https connections but I would have hoped the bes would be smart enough to recognise a valid cert from an invalid cert.

Is there a better solution to this problem that I have might have overlooked? because the KB I posted do not resolve the problem. Even after applying the suggested fix i still get cert errors on the devices when trying to access hotmail.com

edit: just found this kb hxxp://btsc.webapps.blackberry.com/btsc/viewdocument.do?externalId=KB27716

Looks like it might be a known issue under investigation. hmm.

Last edited by JakeKole : 12-05-2012 at 08:17 AM.
Offline  
Old 12-05-2012, 05:45 PM   #2 (permalink)
Knows Where the Search Button Is
 
Join Date: Sep 2012
Model: 8520
PIN: N/A
Carrier: o2
Posts: 36
Post Thanks: 2
Thanked 3 Times in 3 Posts
Default Re: https issues bes 5

I think this might be specific to blackberry browser. The blackberry browser is not configured to distinguish between self signed and non self signed certificates only like desktop browsers. But it is configured to detect mismatches between the common name of the certificate and the domain name.

For example hotmail.com which has a common name of login.live.com is not detected by desktop browsers as a need for a security prompt. But on the bb browser it triggers the prompt.

Maybe the question should be how to configure the policy for client side ssl parsing to only warn on non signed certificates and not common name irregularities.

Last edited by JakeKole : 12-05-2012 at 05:49 PM.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads for: https issues bes 5
Thread Thread Starter Forum Replies Last Post
Issues with BES and the 9550 and 9630: stop recieving emails Dark_Matter BES Admin Corner 7 05-28-2010 04:36 PM
BES 4.1.6 and BES 5.0 on same domain, DB issues? sniffs BES Admin Corner 16 04-14-2010 12:21 PM
Help with Exchange 2000 to 2007 and BES 4.1.3 to BES 4.1.5 Banjo BES Admin Corner 10 07-31-2008 04:32 PM
Another Activating Initializing on BB Professional patrickd26 BES Admin Corner 4 05-06-2008 06:12 AM
BES basics questions: requirements, load, encryption, AD, etc. tollers BES Admin Corner 4 03-03-2008 08:06 AM





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.