03-06-2013 08:24 AM
I am trying to figure out how to get S/MIME to work on the BlackBerry Z10.
I bought an e-mail encryption certificate from Entrust, and imported it on the Blackberry, following the instructions I found in the documentation: http://docs.blackberry.com/en/smartphone_users/del
If I go in "Settings --> Security and Privacy --> Certificates -->Enterprise Client Certificates", I see that the certificate is correctly installed in the "Device" store.
However, when I go into "Hub Settings --> S/MIME", under "Signing Certificate" and "Encryption Certificate", all I get is: "No Certificates Found"
What am I missing?
03-06-2013 10:44 PM
Welcome to the BlackBerry Support Community Forums.
Thanks for the question.
Are you setup on BlackBerry Enterprise Server 10? Or are you using an Exchange account with ActiveSync?
Were you setup on a BES before?
I look forward to your reply.
Come follow your BlackBerry Technical Team on Twitter! @BlackBerryHelp
Click Accept as Solution for posts that have solved your issue(s)!
03-07-2013 05:35 AM
Yes, I am setup on BlackBerry Enterprise Server 10.
Toying around with that particular problem yesterday, I found out that, doing exactly the same thing, I was able to get S/MIME to work using a certificate I generated from our internal CA (Windows PKI). That's good in a way, but doesn't help much with the e-mail certificate I bought from Entrust. And since that last one is trusted on the net, it's the one I really want to get to work...
03-27-2013 08:01 AM
I do not understand the current approach by BlackBerry.
The new BlackBerry Z10 is an amazing device, but there are still some basic problems I do not understand.
Why do I need to pay for BES to use S/MIME support only? Other systems like iOS or Android can deal with those certificates without any problems and on non server based architectures.
Are there any plans on an easier and less expensive solutions to use encrypted email?
03-29-2013 07:14 PM
I have noted too that BB doesn't let user have secure email communication by S/MIME or X.509 without getting burdened (Acquisition and maintenance) with a BES. This may be OK for large corporations or governments but not for small business.
Can you please amplify on which iOS or Android would offer a non-server security architecture?
03-30-2013 02:30 PM
this is really disappointing and a reason for not buying a BB Z10.
I am using signed and encrypted emails with my iPhone 4S without any problems.
Certificates can eigther be installed by hand or with the help of profiles created with the iPhone Configuration Utility.
05-08-2013 05:49 PM
I'm stuck on this as well. We are using Versign Managed PKI for e-mail encryption and signing.
I've successfully imported the PFX (by e-mailing and importing from my work account). The certificate appears under Enterprise Client Certificates in the Device store (but with no details - no expiration date, no trust information, etc.)
When I try to configure the S/MIME settings in the Hub, I get "No Certificates Found".
We have a fully licensed BES 10 server, the device has been successfully activated but still no joy on S/MIME.
I've also tried importing certificates using a Wi-Fi or USB connection as per the instructions on the Z10 but get a message that "There are no certificates to import." Is there any instructions as to where the device looks for the certificates?
05-13-2013 01:29 PM
Update: Installed the leaked OS version 10.1.0.1726 and the certificate now shows up in the pull down list for authentication and encryption. Both work but the Blackberry device reports that the certificate is not trusted. I'm going to import the entire certificate chain but I can live with the warning message for now.
05-13-2013 03:05 PM
No luck. Even importing the complete certificate chain does not cause the encryption certificate to be trusted.
But like I said, I can encrypt, decrypt and sign e-mails and that's all I care about at this point.