BlackBerry Forums Support Community

BlackBerry Forums Support Community (http://www.blackberryforums.com/)
-   BES Admin Corner (http://www.blackberryforums.com/bes-admin-corner/)
-   -   Importing trusted root certificates for MDS (http://www.blackberryforums.com/bes-admin-corner/80906-importing-trusted-root-certificates-mds.html)

bmihailescu 06-12-2007 05:26 AM

Importing trusted root certificates for MDS
 
Hi,

I'm trying to test a connection to an SSL server through MDS. I have a trial Verisign SSL certificate installed on the SSL server and I need to import the Verisign Trial Root certificate in the MDS server (Verisign provides a different root certificate for trial SSL certificates).

From what I've read in the BES documentation, I have to import the root certificate in the Java keystore (jdk 1.4.2_08) which is installed on the machine that runs the BES. However, after I imported the certificate, I still get the "Insecure SSL Request" message on my Blackberry device. I know that MDS has a flag that can be set to accept insecure connections, and it works, but I want the device to not display anything to the user, that's why I'm testing the Verisign Trial solution.

Is there anything that I'm doing wrong here? Should I restart the server after importing the certificate?

hdawg 06-12-2007 06:16 AM

I *think* this is what you're looking for ... you shouldn't need to restart.

If you go to Options --> Security Options --> TLS

You can modify the settings here. I beleive if you set the 'TLS Default' to "Proxy" you'll be all set as the SSL connection will only be established between the BES and the destination server. Also, set the 'Allow HTTPS
Redirections' field to "Yes".

bmihailescu 06-12-2007 06:35 AM

I already did that on the device side. The device is set to proxy mode, so SSL should be done only between the BES and the SSL server.
I think that there must be something wrong on the BES/MDS side because it is as if the root certificates are not imported correctly.

bmihailescu 06-13-2007 06:17 AM

Isn't there anyone who has had this problem before? It seems to be a basic issue that should have been dealt with so far.


All times are GMT -5. The time now is 06:58 PM.

Powered by vBulletin® Version 3.6.12
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.