Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

BlackBerry® OS Smartphones

Reply
New Contributor
Posts: 6
Registered: ‎12-27-2009
My Device: 8330
My Carrier: verizon
Accepted Solution

Certificates

Hi everyone,

 

I'm trying to log onto my wildblue account to check my bandwidth.  I did this fine many times a few weeks ago.  Now the certifcate shows a ? .  When I go to the site in my browser I get a window that says

 

"You are attempting to open a secure conneciton but the servers certificate is not trusted."

 

Then I get the options of continue, close conneciton, view certifcate, and trust certifcate.  It doesn't matter which one I click it loops back to the same window.

 

If I go into tools, certificates, and try to delete it, it then wants a key store password.  I've used 2/10 with my normal passwords.  I have never made a password that I know of.  Is there a default one? 

 

How do I fix this and could someone explain what a certifcate is and how they work on the phone?

 

I have a Curve 8330 and on V.4.3.0.124    (I know it's outdated but I'm chicken to update.)

 

thanks  grace 

Guru I
Posts: 19,020
Registered: ‎07-29-2008
My Device: Passport, Playbook, 9320BES
My Carrier: Bouygues _ SFR

Re: Certificates

talking about certificates is always a hard thing for newbies... let's say that it's like a passport that is edited by a country.

you will certainly accept the identity of someone if that person shows you a US passport, or a GB passport, but maybe not for a passport from Lesotho.

 

the passport is a certificate. It is quite public data, so any one can see it. It is used by a web server to declare "I am who I say I am". The country that edits the passport is an certificate authority. It's Verisign, Microsoft, Thawte, Cerplus or other trusted authorities.

 

when you are using your device browser, for some actions you will go to a secure website. there are two main reasons :

the website will show his certificate, and your browser will look at who edited the certificate. If the certificate authority is in the list of trusted CAs, then it's okay.

 

secondly : there will be a secured tunnel (SSL, the s in https:// ) that will guarantee that no one will be able to see the information you are exchanging with the website. for example is you go to https://www.facebook.com/ (same for BOA website).

 

*****

 

that being said, the list of trusted CAs is stored everywhere : there is a list in your installation of Windows, there is a list in your installation of Mozilla Firefox, there is one inside the databases of your BlackBerry device.

 

what you want to do is reread the error message expalining why the certificate is not trustworthy. If it's because the authority is not trusted, then you can configure your device to accept it.




The search box on top-right of this page is your true friend, and the public Knowledge Base too:
New Contributor
Posts: 6
Registered: ‎12-27-2009
My Device: 8330
My Carrier: verizon

Re: Certificates

Thank you for the explanation.  Now I'd like to learn how to fix it.  

 

When I look at the certificate "?myusage.wildblue.net, VeriSign Class..."  I don't see anything wrong with it.   It says its explicity trusted.  The server for this certifcate is Verisign and when I look at Verisign, it also says explicity trusted under the trust status and it also has a ? in front of it. 

 

I'm missing something important.  This site worked for me a few weeks ago and I am using https.

 

Is there a security setting that I need to raise? or something in the certificate servers that I should do something to?  or application permissions? 

 

thanks again,

grace

 

 

 

Guru I
Posts: 19,020
Registered: ‎07-29-2008
My Device: Passport, Playbook, 9320BES
My Carrier: Bouygues _ SFR

Re: Certificates

you need to figure out what your keystore password is. If you don't you will never be able to mark that certificate as trusted.




The search box on top-right of this page is your true friend, and the public Knowledge Base too:
New Contributor
Posts: 6
Registered: ‎12-27-2009
My Device: 8330
My Carrier: verizon

Re: Certificates

I'm the original owner and have never made a password.  Is there a default password?  Is this where after 10 tries my phone is wiped? 

 

grace

Guru I
Posts: 19,020
Registered: ‎07-29-2008
My Device: Passport, Playbook, 9320BES
My Carrier: Bouygues _ SFR

Re: Certificates

if you have not set any keystore password, then the keystore password is your device password.




The search box on top-right of this page is your true friend, and the public Knowledge Base too:
New Contributor
Posts: 6
Registered: ‎12-27-2009
My Device: 8330
My Carrier: verizon

Re: Certificates

This is what I've done.  I read the sticky on password keeper.  I then created a password for the password keeper, did a battery pull, and then used the password for password keeper for the keystore password in the certifcates.  It accepted it.  I then DELETED the certificate.  I then went into the browser and tried to get on the site I've been trying to access and clicked trust.  It left me in, but when I go back to certificates it has REPLACED the certificate but still has the ? before the certificate.  It seems to be working but I'm not sure why there is a ? before the certifcate but at least now I have a password. 

 

I had tried this same password before and it did not work and I was on attempt #3. 

 

Thanks for your help.  grace

Visitor
Posts: 1
Registered: ‎08-02-2010
My Device: TOUR
My Carrier: Verizon Wireless

Re: Certificates

I am having a similar problem with our Blackberry Tour's.  We recently moved our mailserver to an IP off port "444".  I can not add a cerificate for that site to the keystore.  Anyone having similar issues?

Contributor
Posts: 34
Registered: ‎02-11-2010
My Device: Curve 8330
My Carrier: metroPCS

Re: Certificates

I'm having a similar problem. On certain sites a box comes up, "you are attempting to open a secure connection but the server's certificate is not trusted" and buttons for "continue" "view certificate" and "trust certificate". If I choose "trust" I then get the box asking for key store password. I enter that, another box appears saying "the application is requesting access to your trusted key store" and the options "ok" or "cancel". I choose "ok" and a minute or so later a box pops up "the certificate could not be added to the trusted key store due to IT policy restrictions". What IT policy? This is a personal BB, not a business using BES. Is there a fix for this?
Highlighted
Hall of Famer III
Posts: 57,616
Registered: ‎11-28-2008
My Device: PRIV (6.0.1/AAG111), Z10/Z30/Q10 (10.3.2.2813), Playbook (2.1.0.1526)
My Carrier: TMobile USA

Re: Certificates

Hello,


Magneto wrote:
a box pops up "the certificate could not be added to the trusted key store due to IT policy restrictions". What IT policy? This is a personal BB, not a business using BES. Is there a fix for this?

At some point in your BBs life (I have no way to know how, when, or why), it has been associated with BES...and no one properly removed the IT Policy after removing it from BES. Consequently, you are saddled with the restrictions of that IT Policy. To remove it, you must do this:

  • KB31291 How to reset a BlackBerry smartphone to factory settings using BlackBerry Desktop Software

Beware of the warnings...it will be completely destructive to everything on your BB -- all apps, data, etc.

  • KB16307 Actions performed by the BlackBerry smartphone during the removal of stored user and application data

Be sure to take a backup first, so that you can restore your data after (you will need to re-acquire your apps, though). When you do the backup/restore, I recommend doing the backup "wholesale" (so that you are sure you have everything), but do not do the restore "wholesale"...if you do, you will simply restore the database that contains the IT Policy, and be right back where you are right now. Instead, do a selective restore of only those databases you need:

  • KB03974 BlackBerry smartphone database list

If you are already using a Desktop PIM for your contacts, calendar, etc., then you can simply re-configure (e.g., "forget" your BB from the Desktop Software and start over) your synchronization afterwards and continue going (so you can skip those databases during the restore).

 

Be sure to make backup your BBM Contact List to your Media card so that you can restore that as well afterwards.



If you have trouble, after the ResetToFactory, with email accounts and other BB-data services, then I would suggest the following steps, in order, even if they seem redundant to what you have already tried (steps 1 and 2 each should result in a message coming to your BB...please wait for that before proceeding to the next step):

1) Register HRT

  • KB00510 How to register a BlackBerry smartphone with the wireless network
  • Please wait for one "registration" message to arrive to your Messages app

2) Delete and Resend Service Books

  • KB05000Delete the service book for the BlackBerry Internet Service email account from the BlackBerry smartphone
  • If you have no CMIME entry, then skip the deletion
  • KB02830 Send the service books for the BlackBerry Internet Service
  • Please wait for "Activation" Messages, one per already configured email account, to arrive in your Messages. If you have no already configured email accounts, please wait 1 hour.

3) Batt Pull Reboot

  • Anytime random strange behavior or sluggishness creeps in, the first thing to do is a battery pop reboot. With power ON, remove the back cover and pull out the battery. Wait about a minute then replace the battery and cover. Power up and wait patiently through the long reboot -- ~5 minutes. See if things have returned to good operation. Like all computing devices, BB's suffer from memory leaks and such...with a hard reboot being the best cure.

Hopefully that will get things going again for you! If not, then you should try deleting and re-adding your BIS configuration for the affected email accounts.

Good luck!


Occam's Razor nearly always applies when troubleshooting technology issues!

New to the Community? Click here and also here for helpful guidance. Also please click here for additional helpful information to guide you as you proceed. I always recommend that you treat your BlackBerry like any other computing device, including using a regular backup schedule...click here for an article with instructions. If anyone has been helpful to you, please show your appreciation by clicking the button. Need a reference to BB10 OS/SR versions? Click here. Need a specific BB10 AutoLoader? Send me a private message.

...................................................... ......................................................