BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 12-12-2005, 08:12 AM   #1 (permalink)
New Member
 
Join Date: Dec 2005
Model: 7520
Posts: 10
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default smime messages have no email body

Please Login to Remove!

All of my email accounts are coming through the BlackBerry Web Mail portal (webclient.blackberry.net) and I'm not using a BES. The problem is any message that is digitally signed does not contain the message body. If I log into the website to check the email the body exists and notes that it is s/mime.

Do I have to have a cal or certificate on my BB in order to view these messages or is there something else I can do?

Scott
Offline  
Old 12-17-2005, 09:49 AM   #2 (permalink)
Thumbs Must Hurt
 
Join Date: Aug 2005
Model: 7290
Posts: 181
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Correct me if I'm wrong

But do you have the s/mime support package installed on your handheld as well you will need the certicificate sync appliation installed with DTM to get your cert and others certs on your BB. As well you can't send s/mime messages from the handheld w/o BES

I have been using the PGP and S/Mime packages with my Handheld for a while now and I'm pretty sure with s/mime you need BES.
Offline  
Old 12-17-2005, 05:38 PM   #3 (permalink)
New Member
 
Join Date: Dec 2005
Model: 7520
Posts: 10
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I do not have the s/mime support package installed and do I really need to buy a cal just to have it on my BB? Is the only way to get the software by going through [email address]?
Offline  
Old 12-18-2005, 04:05 PM   #4 (permalink)
Knows Where the Search Button Is
 
Join Date: Oct 2004
Location: nowhere
Model: 5790
Carrier: Velocita
Posts: 33
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

RIM- BBTECH has it about covered. Additionally if your company is using smartcards and you have no exportable priv keys to sync to the handheld, you will want the new reader too:
http://www.blackberry.net/products/a...martcard.shtml

Not suprisingly, there are more and more companies requiring these, as well as tighter IT Policies to enable content protection on the device, disable webclient, etc.
Offline  
Old 12-18-2005, 06:44 PM   #5 (permalink)
New Member
 
Join Date: Dec 2005
Model: 7520
Posts: 10
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I don't want to over complicate things. Our environment is not that secure and we are not using smart-cards. However, we all have 1024 bit Class 1 certificates (free) from Comodo installed on our desktops and laptops and I would like to know what the minimum requirements are for me to view email sent from with those digital signatures on my BB.

So far I have read the white paper and checked out the Government site regarding s/mime, but I have yet to see a step by step process of what is needed and/or the steps I must take to be able to read these messages.

Is there software that I must buy in addition to the default BB install on the 7520? What else must I get?

Thanks again for all your help thus far...
Scott
Offline  
Old 12-19-2005, 06:31 PM   #6 (permalink)
Thumbs Must Hurt
 
Join Date: Aug 2005
Model: 7290
Posts: 181
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

To my best knowledge you will need a BES from RIM with a TSupport contract. There are other wireless service providers which sell the BES software but make sure they have the S/Mime support package. When you purchase a TSupport contract with RIM they will provide you with a TSupport login and that will give you access to software downloads. This is the only way you will be able to view S/Mime messages.

http://www.blackberry.com/knowledgec...66043&vernum=5

Look at page 3 it tells you what you will need for S/Mime
Which states the requirements to use S/Mime.
Offline  
Old 12-22-2005, 09:34 AM   #7 (permalink)
New Member
 
Join Date: Oct 2005
Model: 7100g
Posts: 9
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I am having a similar problem I think. A particular website our company uses can be access just fine by devices on the html browser -- if they're not running 4.1 code. The 8700's can't access this site at all. Where can we download the s/mime support package referred to in the White Paper?
Offline  
Old 12-22-2005, 10:00 AM   #8 (permalink)
New Member
 
Join Date: Dec 2005
Model: 7520
Posts: 10
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Kasara,

I don't think that is quite the same issue. S/MIME is Secure Multipurpose Internet Mail Extensions that relate to email only. the viewing of the site is probably a separate issue with the BB code.

Scott
Offline  
Old 12-22-2005, 10:11 AM   #9 (permalink)
New Member
 
Join Date: Oct 2005
Model: 7100g
Posts: 9
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Any suggestions on what to do? I need to get this fixed asap as this site is used all day long and the ones with 8700 can't login to it.
Offline  
Old 12-22-2005, 10:16 AM   #10 (permalink)
New Member
 
Join Date: Dec 2005
Model: 7520
Posts: 10
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default BES Trial Download

RIM - BBTECH,

Once again a great experience with Nextel...oh my god. I decided to call 611 the Nextel service line to find out how I could get BES or at least the upgraded Management software with certificate support. After 45 minutes of the tech appologizing for not knowing anything about BES or S/MIME or digitally signed email, I finally asked to be transfered to the sales number that is listed on the Nextel site for information and pricing relating to BES. He had no idea that the link existsed and was also unable to transfer me so I hung up. To make a longer story less long I talked with the sales rep for 6 minutes then transfered back to BB support and got a guy named John that was at least aware of what BES was. He told me that I would have to buy a CAL, but couldn't help me with pricing.

So after looking around a little more on the RIM site I found a trial download of BES at this site. I installed it, but now I'm left with more questions. The purpose of BES as I see it is to manage multiple devices within an organization and is really a complete waste for an individual consumer looking to use certificates. Since I'm not the manager of the Exchange server in our organization I had to install BES on my desktop and try to use a MAPI connection to resolve my name which failed. Is there any other way to resolve a user list in BES than having it be pulled down from exchange?

There are also some switches you are supposed to use in order to install the certificate manager using setup "/i"INSTALLLEVEL=125"" which didn't work either.

If I can assign myself to the unit and install the certificate manager shouldn't I be good to go with and S/MIME emails in the future? Would I even need BES after that?

Any suggestions would be appreciated,
Scott

Last edited by ScottSF : 12-22-2005 at 11:24 AM.
Offline  
Old 12-22-2005, 10:19 AM   #11 (permalink)
New Member
 
Join Date: Oct 2005
Model: 7100g
Posts: 9
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Because everyone not on an 8700 can login fine, this makes me think it's someting in the 4.1 software. :(
Offline  
Old 01-06-2006, 03:26 PM   #12 (permalink)
New Member
 
Join Date: Jan 2006
Model: 7130e
Posts: 4
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Scott, Did you ever figure out a solution? We are in similar situation, small company, no MS Exchange and cannot afford BES. We use Comodo free email certs. Works great with Outlook and other email clients but not with the Blackberrys. I contacted Comodo and they said their certs are not compatible with Blackberrys at this time. I was also wondering about other free email encryption like Thawte or OpenPGP/GnuPGP. Thanks.

Bob
Offline  
Old 01-06-2006, 03:40 PM   #13 (permalink)
New Member
 
Join Date: Dec 2005
Model: 7520
Posts: 10
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Bob,

All I have to date is bad news. I have spent hours on the phone with Nextel who in turn have called their RIM reps only to find out that BES is currently the only solution. A friend of my found a book about BB hacks and I went as far as buying the book to read the section on how to get smime to work on BB...problem was even the hack book says you need BES.

Comodo unfortunately is not the problem and other encryption certificates will not work. The root of the problem is getting the certificates sync'ed with the device. I'm still a little confused why you can't just get the updated certificate sync desktop app and let the BB resolve the encryption. For some reason they say that BES has to be on the Exchange box, but the only reason I have seen that it needs to be loaded on an Exchange box is to integrate with the user list so that you can appropriate a BB with a Exchange user. Once that is done I don't see how BES is needed unless further management of devices is needed. In our case it doesn't make sense. I'm honestly losing my mind over this issue as it seems like a HUGE oversight in their "Business" centric model.

To make things worse my partner is using the Sprint Audiovox PPC 6600 phone and it does not require any additional software to be able to read signed messages. I'm pretty sure that any Windows based phone will be successful too.

Bottom line is that BB doesn't understand the consumers needs if their intention is disregard security at the individual level.

Please keep in touch if you find other alternatives...I will do the same.

Scott
Offline  
Old 01-07-2006, 09:43 PM   #14 (permalink)
New Member
 
Join Date: Jan 2006
Model: 7130e
Posts: 4
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Scott, Sorry to hear that. I like the BBs but we need email encryption and BES is overkill. I have make several inquiries and I get the same story. We are going to keep digging and perhaps will find a decent solution. One curious thing is that you can easily import the appropriate email certs into the BB using the desktop manager but it has no effect on decryption of the message.

Thanks for the info. Will let you know if we have any breakthroughs on any of this.

Bob
Offline  
Old 01-19-2006, 11:31 AM   #15 (permalink)
BlackBerry Extraordinaire
 
Join Date: Jan 2006
Model: LEZ10
OS: 10.0.10
Carrier: Rogers CA
Posts: 1,704
Post Thanks: 20
Thanked 77 Times in 68 Posts
Cool

I have been chasing a similar problem for which the solution is putting certificates on the BB hand held, don't want BES etc. I finally found this document (click here) on S/Mime support for 4.1 and describes how you can install Certificate Sync on the Blackberry Desktop Manager. I have an 8700r with version 4.1 and was able to pull certificates out of the Windows store and upload them to the handheld.

I am now in the process of creating test certificates for my application (certificate authenticated web access) so I am not sure if this will solve your S/Mime issues but it could be worth a try if you can get 4.1 for your handhelds.

--
Buck
Offline  
Old 01-19-2006, 12:41 PM   #16 (permalink)
New Member
 
Join Date: Dec 2005
Model: 7520
Posts: 10
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

hrbuckley,

Thanks for the update on the new Desktop software. I have DL and installed it and have even sync'ed the certificates to my BB, but still no email body. At this time 4.0.1 is the latest BB OS available for the 7520 or so the site says. I'm going to keep watching for 4.1 and hope that it will allow me to see the text now that I have the certifcates.

If I am doing something wrong and 4.0.1 should be able to read the email body now I have certificate sync please let me know.

Scott
Offline  
Old 01-19-2006, 02:45 PM   #17 (permalink)
BlackBerry Extraordinaire
 
Join Date: Jan 2006
Model: LEZ10
OS: 10.0.10
Carrier: Rogers CA
Posts: 1,704
Post Thanks: 20
Thanked 77 Times in 68 Posts
Default

I have not used S/Mime or encrypted email. I have completed making keys for my test web site and the certificate I imported and uploaded allows me to do certificate authenticated access to the https server.

Things to check:
- make sure your certificate showes up in your certificate list (Options - Security - Certificates) with a green check and a key icon beside it. It should also be listed under Show My Certs selected from the menu.
- select your key and then Show Chain from the menu, make sure all the certificates in the chain are in the unit and have green check marks as well (don't know if this is vital but I got complaints from the BB or desktop when it wasn't true).

I don't have any aditional options (such as encrypt/decrypt) in any of my mail menus. Have you read all of the document I linked to above? I haven't, there may be something in there that means something to you.

Good luck, I'll post any other info I find.

--
Buck
Offline  
Old 02-06-2006, 12:02 AM   #18 (permalink)
New Member
 
Join Date: Dec 2005
Model: 7520
Posts: 10
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Well just installed the new 4.1 OS along with the new desktop manager and now I'm able to sync certificates, but still not able to read digitally signed emails. This is rediculous...
Offline  
Old 12-26-2006, 01:20 PM   #19 (permalink)
Thumbs Must Hurt
 
Join Date: May 2005
Location: Bay Area
Model: 8700g
Carrier: T-Mobile
Posts: 183
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by ScottSF
Well just installed the new 4.1 OS along with the new desktop manager and now I'm able to sync certificates, but still not able to read digitally signed emails. This is rediculous...
Indeed... I'm looking for a BIS solution too.
Offline  
Old 01-09-2007, 04:27 AM   #20 (permalink)
New Member
 
Join Date: Jan 2007
Model: 8830
Carrier: Verizon
Posts: 4
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default Any solution yet?

I'm in exactly the same boat as you guys have described and spent a while trying to figure this out. Has anyone using BIS bit the bullet and tried installing the S/MIME Support Package for $200 to get the app on the handheld? It's not clear that it actually needs BES to function from what I've read given the certificate sync feature of 4.1 (isn't BES just used for cert sync'ing anyway from a central source?).
I may give it a try if I can get a return if it doesn't work.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.