BlackBerry Forums Support Community
              

Closed Thread
 
LinkBack Thread Tools
Old 11-07-2007, 01:28 PM   #21 (permalink)
Thumbs Must Hurt
 
ashleyneiltaylor's Avatar
 
Join Date: May 2005
Location: London UK
Model: 9900
OS: 7.1.0.213
Carrier: Vodafone
Posts: 164
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Please Login to Remove!

Quote:
Originally Posted by Camarones View Post
Even if a certificate is required (notice that on windows clients you can disable certificate checking?) I already have the server's root certificate installed and trusted on the BB. There is only one authentication server/certification authority/domain controller in my domain/office, and that is it. Would there even be any intermeditate certificates?
On our Nortel Wireless WPA-TKIP and PEAP, we have a trusted Root certificate and Intermediate Certificate to install.

This is all controlled by Group Policy

When you issue a certificate to a device for security. You create a certifcate chain. When your clients connect to the wireless for instance, the certificate used in this process is the server certificate, not the root certificate.

For example, say you want to secure your server with a Verisign SSL certificate, you would get a signed certificate from Veisign for that 1 particular server. What happens, because the root certificate is trusted, the server certificate is automatically trusted.

Last edited by ashleyneiltaylor : 11-07-2007 at 01:35 PM.
Offline  
Old 11-14-2007, 08:57 AM   #22 (permalink)
Thumbs Must Hurt
 
ashleyneiltaylor's Avatar
 
Join Date: May 2005
Location: London UK
Model: 9900
OS: 7.1.0.213
Carrier: Vodafone
Posts: 164
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

For PEAP, you need a certificate. You need the Intermediate and Root.

You select the Intermediate in the Blackberry Wifi settings.

It doesn't work when selecting the root certificate.
Offline  
Old 01-17-2008, 01:37 PM   #23 (permalink)
New Member
 
Redcarpetroom's Avatar
 
Join Date: Jan 2008
Model: 8320g
PIN: N/A
Carrier: T-Mobile
Posts: 1
Post Thanks: 0
Thanked 0 Times in 0 Posts
Talking Mucho Thx-O

Quote:
Originally Posted by GT5L View Post
I figured out a solution, I set up the BB to connect using LEAP instead of PEAP and it works just fine. I am shocked and happy at the same time.
BLEEP da BLEEP!

U R da Bleeping Man!

I would have never thought of trying LEAP.

Works here Bayutafullee
Offline  
Old 11-20-2008, 04:07 PM   #24 (permalink)
Talking BlackBerry Encyclopedia
 
hayabusa's Avatar
 
Join Date: Aug 2006
Location: Kansas
Model: 9000
Carrier: Cingular
Posts: 251
Post Thanks: 0
Thanked 0 Times in 0 Posts
Cool If you are PEAP you will need a Cert

Active Directoy will require 2 forms of authentication when using PEAP. Even though you IT guy is telling you that you don't use certs its because on a Windows machine they can validate your hop onto the access point by your computer name and user name which are both in Active Directory, hence 2 factor authentication.

In the Blackberry world these little guys don't talke to Activate Directory so in the peap setup you need to enter your Active Directory user ID and password, which is one form of authentication and then you need to have a personal certificate on the device which is located on your Windows workstation. You can access export this certificate by going to start>Run> and typing certmgr.msc. This will pop upon an mmc where you can export the cert you need. Usally it will be called your Company's name or Domain name with .cer behind it.

From there you can use Blackberry desktop manger to import the cert on to your device, or if your Blackberry Admin has the extension .cer setup on the Blackberry Server for known attachments you could just email it to yourself and then register it on your Blackberry when you see it as an attachment on your Blackberry. I hope some of this makes sense. In my current company we are looking at an easier way of setting this up for our users since we have already gone down the WPA Enterprise way of securing our Access Points without thinking that mobile devices are going to need certs but currently their deosn't seem to be an automated way of doing this for deployment.
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

GENERAL RADIO GR GENRAD 1603-A Z-Y AUDIO WIDE IMPEDANCE TEST SYSTEM LCR BRIDGE
$149.97
GENERAL RADIO GR GENRAD 1603-A Z-Y AUDIO WIDE IMPEDANCE TEST SYSTEM LCR BRIDGE   pictureUDT Instruments CEI Company TRAMP Trans-impedance Amplifier "T12"
$500.0
UDT Instruments CEI Company TRAMP Trans-impedance Amplifier Zareba ESP10M-Z 10-Mile Solar Low Impedance Fence Charger
$184.7
Zareba ESP10M-Z 10-Mile Solar Low Impedance Fence Charger pictureMadsen Electronics Model ZO73 Electro - Acoustic Impedance Bridge - Nice Unit
$29.99
Madsen Electronics Model ZO73 Electro - Acoustic Impedance Bridge - Nice Unit pictureZareba ESP5M-Z 5-Mile Solar Low Impedance Charger
$198.75
Zareba ESP5M-Z 5-Mile Solar Low Impedance Charger picture






Copyright 2004-2016 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.