Thank you for visiting the BlackBerry Support Community Forums.
BlackBerry will be closing the BlackBerry Support Community Forums Device Forums on April 1st (Developers, see below)
BlackBerry remains committed to providing excellent customer support to our customers. We are delighted to direct you to the CrackBerry Forums, a well-established and thorough support channel, for continued BlackBerry support. Please visit http://forums.crackberry.com or http://crackberry.com/ask. You can also continue to visit BlackBerry Support or the BlackBerry Knowledge Base for official support options available for your BlackBerry Smartphone.
"When we launched CrackBerry.com 10 years ago, we set out to make it a fun and useful destination where BlackBerry Smartphone owners could share their excitement and learn to unleash the full potential of their BlackBerry. A decade later, the CrackBerry community is as active and passionate as ever and I know our knowledgeable members and volunteers will be excited to welcome and assist more BlackBerry owners with their questions."
- Kevin Michaluk, Founder, CrackBerry.com
Developers, for more information about the BlackBerry Developer Community please review Join the Conversation on the BlackBerry Developer Community Forums found on Inside BlackBerry.
12-07-2008 04:55 PM
First off we have S/MIME working on a lot Blackberry handhelds, but this is our first Bold.... and I don't have it in my possesion, a traveling VP does.
I am told that device OS v4.5+ does not need the SSP installed (last version of that I see is v4.1 but it works on v4.2 OS).
Controlled his PC nad did the custom install of Deskto Manager, with the Cert Synch option, got their soft keys in cert manager and sync over, with LDAP server, CRL, etc defined. All that went well as we did all steps except installing latest device code, as it has the lastest and I am told these newer OS versions don't have the issue with missing security modules, and on that same line S/MIME support is suppose to be part of the OS in these newer versions so no SSP install.
On the Blackberry he has Certificate Servers (and allservers are correct there), Certificates (and his certs, roots certs, etc are all there). But there is nothing there for S/MIME (were you set your default certs for signing and encryption and other related options). So has this menu moved to another location, or is there another way to set these options? I had him look at a few other places, but I didn't want to send him on a wild goose chase for something that may not even be there. I pulled down the 'UserGuideSupp_SMIME_Support_Package_full_keypad_t
12-08-2008 12:21 AM - edited 12-08-2008 12:22 AM
I just downloaded the Bold User Guide (userguide_bb9000_umts.pdf) and found this:
S/MIME-protected message options
Change your signing or encryption certificate
Your BlackBerry® device uses your encryption certificate to encrypt messages in the sent items folder and includes your encryption
certificate in messages that you send so that recipients can encrypt their reply messages.1. In the device options, click Security Options.
2. Click S/MIME.
3. In the Signing Options section or the Encryption Options section, change the Certificate field.4. Press the Menu key.
5. Click Save.
Yet the user swears there is no 'S/MIME' under 'Security Options'. So is the guide wrong or the user? Looks like I'll never know until I get one in my hands.
12-08-2008 01:39 PM
Ahh I see the post has been moved... The issue is also with the Storm btw. User documention for both devices talks about the S/MIME menu under Security Options... No such thing out of the box. Turns out that S/MIME support is not enabled by default, and you still must install the device firmware via desktop manager and enable/check the S/MIME support option. So having v4.5+ OS only cuts out the 9mb SSP package that we have to install on older devices. You still have to pull down the ~95MB device software though :-)
So RIM's documention leaves a lot to be desired on this issue.
Additionally, of the 3 Bolds and 1 Storm I have tried it on this morning, ALL have had the issue of being able to send encrypted emails, but not open encrypted emails they received (despite everthing looking good on the config). And on all of these, removing from the BES then adding back and activating again has corrected.
So still a lot of work to get encryption going even on newer devices. If this pattern of having to reactivate continues on these new devices, it will actually take longer to setup S/MIME than the units with older firmware.