Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

BlackBerry® Enterprise Service 10

Reply
Contributor
Posts: 28
Registered: ‎06-12-2012
My Device: Z10
My Carrier: TIM Italy
Accepted Solution

Not getting personal emails while in WiFi and CA deployment in personal browser

Hello!

 

In our company we have a wifi network and a proxy which encrypts part of HTTPS traffic based on the website category, therefore those sites have another certificate rather than the original one. I deployed the CA via shared folder (WIFI even if not strictly necessary, ENTERPRISE and WWW subfolders) and:

  • if I go for example to https://pinterest.com in work browser everything goes fine (the browser uses our CA and it considers that HTTPS traffic as trusted)
  • if I do the same but with the personal browser, the traffic is untrusted, hence I infer that personal browser is not affected by the CA we deployed
  • when I'm connected to wifi, corporate emails via BES 10.2 are working properly but personal emails (eg gmail.com) are not

Do you have any clue on this please?

Thanks a lot!

Trusted Contributor
Posts: 125
Registered: ‎04-16-2012
My Device: PlayBook + Z10 + Z30

Re: Not getting personal emails while in WiFi and CA deployment in personal browser

Sounds like your proxy does not only encrypt special websites (it also would not make any sense) but that you break the encryption by decrypting it on the proxy and reencrypt it with your own cert. This is commonly used to analyze  encrypted traffic.

In this scenario you also decrypt the traffic to the mailserver (e.g. gmail, etc) and present the originating device your own cert for the encrypted traffic.

But the mail client on the device does not trust your own ca and so the connection does not work.

The private perimeter on the BB does not use your own certs or ca an so the private emails do not work.

 

 

Contributor
Posts: 28
Registered: ‎06-12-2012
My Device: Z10
My Carrier: TIM Italy

Re: Not getting personal emails while in WiFi and CA deployment in personal browser

Thanks kbe.

 


kbe wrote:

The private perimeter on the BB does not use your own certs or ca an so the private emails do not work.


That was what I supposed: a problem with the deployed CA which is not used by personal workspace. I disabled the re-encryption for email websites for testing purposes, but it still doesn't work. Of course, if personal email profiles don't trust the deployed CA, the BB cannot download email. Thanks for your confirmation!