05-10-2013 03:13 AM
We haveb a BES10 server setup and running correctly, with 6 users currently on it.
Reading/sending mail ok but not on SMIME. We import the certificate successfully to the device but have run into an issue when trying to send email with SMIME to either myself or to other people.
If send to myself - There may be a problem with your encryption certificate.
If send to other colleagues - Before the message can be encrypted, a certificate is needed for the following recipient(s).
I am confident that the encryption was working properly before, but now its seems to be broken for everyone.
Is there a setting that I have missed somewhere on the BES so enable SMIME (I have enabled its use in it IT Policy).
05-13-2013 03:40 PM
05-23-2013 06:30 PM
I have been emailing a blackberry support person, and they had this to say:
I’ve just been advised internally that using encrypted messages on BlackBerry Enterprise Service 10.0 and 10.1 requires the sender to have the recipients’ private key on their device before it will work, obviously for internal only messages. We’re improving this in the 10.2 release to support OTA look ups of the private key from AD.
So, looks like email encryption is useless till 10.2....
05-24-2013 10:33 PM
Not sure re 10.2, but I assume it will need a firmware update on the phone to handle communicating to the server to get the private keys.
If I hear anything about an eta for 10.2 ill keep you posted!
07-04-2013 12:24 AM
I have held onto my Torch 9810 due to SMIME. I run hosted exchange and had the hosted exchange company enable SMIME for me on the BES server. Then I, as a user, synced certificates and keys (for 2 people/users) onto our Torches. I did this using the Desktop Software.
I have been searching to find if anybody has used SMIME successfully on the Z10... and if so how? I realize the Link Software is nowhere n-e-a-r capable at this point of SMIME certificate sync since it only recenlty delivered an Outlook 2 way sync. I am wondering if anybody knows if the Link Software will ever be capable?
Am I waiting for nothing??? there should be some way to find out, but thus far I haven't found it.
And it appears from this thread that reglardless of using the Link Software to get the certs/keys synced, SMIME isn't working anyway...
Blackberry needs to get SMIME up and running - the security of the OS matters which is why my Exchange account is only on my Blackberry (not my other smartphones.)
If Blackberry still wants to say they are the best at security then they need to offer SMIME to both Corproate users (who will implement from the server) and individuals themselves like me, who use Hoseted Exchange and sync the cert/keys using Desktop Software (or now Link Software.)
Any word of anything regarding SMIME would be welcome...