Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

BlackBerry® Bold™

Reply
New Contributor
gfougere
Posts: 3
Registered: ‎10-01-2012
My Device: Blackberry 9700
My Carrier: Bell

Software Update Server Certificate Error

We have reports from our users  (bold 9790) that are getting the following Server Certificate Error when trying to apply the update that is currently showing up on their blackberry:

 

Domain Name Mismatch

Connection attempted to:

206.51.26.248

the server certificate is configured for :

206.51.26.246

206.51.26.246

This has been disallowed by your administrator.

 

Can anyone provide a means to get around this?

Please use plain text.
New Contributor
gilechri
Posts: 7
Registered: ‎09-22-2009
My Device: Torch 9810
My Carrier: Bell

Re: Software Update Server Certificate Error

[ Edited ]

Hi, Having the exact same issue on our Bold 9900's with Bell.  I'm not seeing a setting for this on my BES to remove this restriction.

Chris

PS: I opened a ticket with RIM, we have a support agreement.

~ BES 5.0.1 for GroupWise (gasp) and MVS 5.0.2 ~
Please use plain text.
Contributor
abbassctg
Posts: 12
Registered: ‎12-21-2010
My Device: 9700 bold
My Carrier: Rogers

Re: Software Update Server Certificate Error

Follow this KB Article and it should work:  http://www.blackberry.com/btsc/KB21414

Please use plain text.
Contributor
kfkehua
Posts: 25
Registered: ‎10-23-2009
My Device: Not Specified

Re: Software Update Server Certificate Error

Same problem here.

don't think the problem is firewall problem. its a certificate mismatch error. Any update from RIM to get this fixed??

 

thanks.

 

Please use plain text.
New Contributor
gilechri
Posts: 7
Registered: ‎09-22-2009
My Device: Torch 9810
My Carrier: Bell

Re: Software Update Server Certificate Error

The BES has always been able to connect to any IP and port, so not firewall issue.  Bell clearly has a certificate mismatch, yet the error message indicates it may be a BES it policy that prevents this, since it says it is an administrator restriction.  So the idea is change the policy for the control of the domain mismatch to get around this error for now.  I can't locate the setting though, RIM is still gathering infomation and is way off topic on my support call so far.

~ BES 5.0.1 for GroupWise (gasp) and MVS 5.0.2 ~
Please use plain text.
New Contributor
gfougere
Posts: 3
Registered: ‎10-01-2012
My Device: Blackberry 9700
My Carrier: Bell

Re: Software Update Server Certificate Error

I tried changing some policies on the server, but did not have any luck.  On a hunch, i configured some of the problem devices to use our hospitality wifi and they were able to connect and successfully downloaded the update

Please use plain text.
New Contributor
gilechri
Posts: 7
Registered: ‎09-22-2009
My Device: Torch 9810
My Carrier: Bell

Re: Software Update Server Certificate Error

Woah that's kinda odd isn't it, worked on your public wifi?  Perhaps Bell fixed their certificate mismatch.  I am not super concerned about it, I assume Bell will correct the issue eventually, it is just annoying for the end user to get the prompt for an update only to have it fail.

~ BES 5.0.1 for GroupWise (gasp) and MVS 5.0.2 ~
Please use plain text.
New Contributor
gfougere
Posts: 3
Registered: ‎10-01-2012
My Device: Blackberry 9700
My Carrier: Bell

Re: Software Update Server Certificate Error

I had spoken with RIM about this issue and was sent the following:

 

Article Title: Wi-Fi enabled BlackBerry smartphone prompts the user to trust a new BlackBerry certificate when connecting Article Number: KB15204

Link: http://www.blackberry.com/btsc/KB15204

 

 

When we got the certificate error, the only options we have are to stop or view details.  I do not really think this applies in this situation as there is a domain mismatch in the certificate.

 

 

Article Title: How to add a web server certificate to the BlackBerry MDS Connection Service or BlackBerry MDS keystore Article Number: KB11623

Link: http://www.blackberry.com/btsc/KB11623

 

This one seems a little more plausable, but i have not yet had a chance to apply it.

Please use plain text.
New Contributor
gilechri
Posts: 7
Registered: ‎09-22-2009
My Device: Torch 9810
My Carrier: Bell

Re: Software Update Server Certificate Error

This is what corrected it for me, all that I was after was to back off the IT policy.
 
Under the "Wireless Software Upgrades"  the rule "Allow Non Enterprise Upgrade" is set to YES already.
 
Under "WTLS Application" the rule "WTLS Disable Invalid Connection" is not set which should default to If you do not set this rule, a default value of "Prompt user on BlackBerry device" will be used. However they don't get prompted.  I set it to "Allow Invalid Connections" now.
 
Under "TLS Application" the rule for "Unmatched Domain Name", set that rule to "Allow unmatched domain name", I had it set to default, which again should prompt, but it doesn't. I changed to "Allow unmatched domain name".
 
Users were able to upgrade past the certificate mismatch.  I will likely set the policy back to default later.
 
 
~ BES 5.0.1 for GroupWise (gasp) and MVS 5.0.2 ~
Please use plain text.