BlackBerry Forums Support Community               

Closed Thread
LinkBack Thread Tools
Old 04-23-2013, 04:05 PM   #1 (permalink)
BlackBerry Extraordinaire
Join Date: Mar 2006
Model: 9700
Carrier: t-mobile Germany
Posts: 1,374
Post Thanks: 11
Thanked 72 Times in 69 Posts
Default BES10: Z10, VPN w. x509cert, SCEP

Please Login to Remove!

I try to setup the VPN connection for a test-Z10 with certificates (currently it works ok with preshared key):
I have an M$ enterprise root-CA, and have most likely setup the mscep service correct. Also configured the service to have a permanent password.

I created an SCEP profile in the BES10/BDS, created a new VPN profile, similar to the existing preshared key already working, but changed authentication from PSK to PKI.

Tried out on the Z10, but get an unspecified error.

I then thought, I manually create the profile on the Z10. When I do this, I am asked to choose the root-CA for the Certificate, but my private enterprise root CA does not show up here (the pulldown says "all CAs").
However, when I go back to the certificate management of the device, I can see, that my root-CA is present under the category "Enterprise Web" (I delivered it to the Z10 using the shared folder in the server).

How can I find my CA to create a VPN profile ?
Also: when I create the VPN profile on the BES server, there is no option to choose a root CA for the certificate authentication, which I do not understand. My best guess is, since I associated the SCEP profile to the VPN profile the BES server will use some kind of magic to automatically select the correct root-CA. This is possible but a little unlikely, because in the locked VPN profile I can see on the device, there is just nothing in the pulldown.

The BDS manual just tells "add the SCEP profile to the VPN profile".

Anyone here who also tried this out with sucess ?
Closed Thread

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads for: BES10: Z10, VPN w. x509cert, SCEP
Thread Thread Starter Forum Replies Last Post
General BES10 Server with z10 Issues Urlryn BES Admin Corner 2 03-22-2013 01:43 PM
Bes10 - "email profile" and smtp config, other things nobody7290 BES Admin Corner 1 02-09-2013 04:21 PM
Blackberry 9900 - Wifi Tethering - Change Router DHCP Addresses? BBxer General 9900 Series Discussion - Bold Touch 4 03-19-2012 10:29 PM
Complete list of BES 4.0.3 IT Policy Options... BES admin BES Admin Corner 3 12-14-2005 12:38 AM
New IT Policy Rules...? jibi BES Admin Corner 0 04-22-2005 09:04 PM

1pc new Siemens Power 6EP1437-3BA00
1pc new Siemens Power 6EP1437-3BA00 picture1pc used Siemens Power 6EP1437-3BA00
1pc used Siemens Power 6EP1437-3BA00 picture1pc new SIEMENS 6GK7443-5FX02-0XE0 6GK7 443-5FX02-0XE0
1pc new SIEMENS 6GK7443-5FX02-0XE0 6GK7 443-5FX02-0XE0 picture1PC used Siemens 6SE7090-0XX84-0KA0
1PC used Siemens 6SE7090-0XX84-0KA0 picture1pc new SIEMENS 6ES7422-1BH10-0AA0 6ES7 422-1BH10-0AA0
1pc new SIEMENS 6ES7422-1BH10-0AA0 6ES7 422-1BH10-0AA0 picture

Copyright 2004-2016
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.