BlackBerry Forums Support Community               

Closed Thread
LinkBack Thread Tools
Old 04-23-2013, 05:05 PM   #1 (permalink)
BlackBerry Extraordinaire
Join Date: Mar 2006
Model: 9700
Carrier: t-mobile Germany
Posts: 1,369
Post Thanks: 11
Thanked 72 Times in 69 Posts
Default BES10: Z10, VPN w. x509cert, SCEP

Please Login to Remove!

I try to setup the VPN connection for a test-Z10 with certificates (currently it works ok with preshared key):
I have an M$ enterprise root-CA, and have most likely setup the mscep service correct. Also configured the service to have a permanent password.

I created an SCEP profile in the BES10/BDS, created a new VPN profile, similar to the existing preshared key already working, but changed authentication from PSK to PKI.

Tried out on the Z10, but get an unspecified error.

I then thought, I manually create the profile on the Z10. When I do this, I am asked to choose the root-CA for the Certificate, but my private enterprise root CA does not show up here (the pulldown says "all CAs").
However, when I go back to the certificate management of the device, I can see, that my root-CA is present under the category "Enterprise Web" (I delivered it to the Z10 using the shared folder in the server).

How can I find my CA to create a VPN profile ?
Also: when I create the VPN profile on the BES server, there is no option to choose a root CA for the certificate authentication, which I do not understand. My best guess is, since I associated the SCEP profile to the VPN profile the BES server will use some kind of magic to automatically select the correct root-CA. This is possible but a little unlikely, because in the locked VPN profile I can see on the device, there is just nothing in the pulldown.

The BDS manual just tells "add the SCEP profile to the VPN profile".

Anyone here who also tried this out with sucess ?
Closed Thread

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads for: BES10: Z10, VPN w. x509cert, SCEP
Thread Thread Starter Forum Replies Last Post
General BES10 Server with z10 Issues Urlryn BES Admin Corner 2 03-22-2013 02:43 PM
Bes10 - "email profile" and smtp config, other things nobody7290 BES Admin Corner 1 02-09-2013 04:21 PM
Blackberry 9900 - Wifi Tethering - Change Router DHCP Addresses? BBxer General 9900 Series Discussion - Bold Touch 4 03-19-2012 11:29 PM
Complete list of BES 4.0.3 IT Policy Options... BES admin BES Admin Corner 3 12-14-2005 12:38 AM
New IT Policy Rules...? jibi BES Admin Corner 0 04-22-2005 10:04 PM

Copyright 2004-2014
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.