BlackBerry Forums Support Community
              

Closed Thread
 
LinkBack Thread Tools
Old 07-13-2006, 02:30 PM   #1 (permalink)
New Member
 
Join Date: Jul 2006
Model: 7290
Posts: 2
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default S/MIME Encryption - How do I set it up? (using BES + 7290)

Please Login to Remove!

Hi,
unfortunately I am a newby concerning blackberrys, but I have to set up E-Mail-Encrytion for our Blackberrys (all 7290) now.

I downloaded the "S/MIME Support Package" and installed (together with a firmware update) on one handheld.

I set up the access to our LDAP-Server that hosts the certificates - on the BES as well as on the Desktop Manager and the handheld.

If I understood everything right I should be able to download certificates to the handhelp and decrypt mails.

If I try to do this on the Blackberry itself I get an error-message saying that an unknown error occured while accessing the LDAP-Server. Unfortunately, it gives no further information, error-codes or anything.

With the Blackberry Desktop Manager just nothing happens: I don't see any certificates and all the buttons for importing certificates, search on the LDAP-Server etc are greyed out.

I could barey find any information about this (only the "white paper" and the "user guide supplement" about the S/MIME support package).

So I hope that somebody here can help me out. Did I miss any steps in the configuration? What can I do to get at least an idea of what the problem is? Or does anyone know any further documentation on this topic?

I appreciate any tips and help with this
thanks
Karsten

Last edited by coluphid : 07-13-2006 at 04:04 PM.
Offline  
Old 07-17-2006, 03:56 PM   #2 (permalink)
Thumbs Must Hurt
 
misterbulldog's Avatar
 
Join Date: Feb 2006
Location: D.C Metro Area
Model: 9630
OS: 5.0.0.975
Carrier: Verizon
Posts: 164
Post Thanks: 0
Thanked 2 Times in 2 Posts
Default

Do you have Certificate Sync installed on the Desktop?
Did you enable S/MIME encryption on the BES server (Blackberry Server Properties/Message Options)?

Once you get that setup you should be able to sync certs with the handheld and the desktop.

I'm not sure about the LDAP error yet. I just moved the BES database to a new server and am having the same problem at the momemt. Firewall maybe?

I'm sure you also realize that you will need RIM's Bluetooth CAC reader?

Hope this helps.
Offline  
Old 07-18-2006, 02:23 AM   #3 (permalink)
New Member
 
Join Date: Jul 2006
Model: 7290
Posts: 2
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi, does this only work with CAC readers? That was not the setup I intended to use. My idea was that the devices get the certificates from the Server and then they should by able to decrypt.
Your reply sounds like it won't work that easy. Do I really need additional hardware for each device (the cac reader) to get this to work?
Offline  
Old 07-18-2006, 09:51 AM   #4 (permalink)
Thumbs Must Hurt
 
misterbulldog's Avatar
 
Join Date: Feb 2006
Location: D.C Metro Area
Model: 9630
OS: 5.0.0.975
Carrier: Verizon
Posts: 164
Post Thanks: 0
Thanked 2 Times in 2 Posts
Default

If the message is only signed you will be able to read the message. I don't know if you will be able to reply to the message, but I'm sure that if you can reply, the reply will not be signed.

If the message is encrypted you will not be able to open it without the users cert on your handheld and you will need a CAC reader.
Offline  




Copyright 2004-2016 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.