01-31-2013 09:41 PM
I am trying to side-load some self-signed certificates on to the device for testing reasons (see various other woes listed elsewhere). From Settings > Security > Certificates there appears to be the capability to do this. I cannot find any documentation as to where the certificates have to be placed to be detected.
Some Googling did mentioned something about the process in respect of the PlayBook but this requires that they are placed into the certs folder on the device. The Z10 doesn't have this standard folder and it's not possible (as far as I can tell) to create that folder in the root of the device.
Solved! Go to Solution.
02-01-2013 10:37 PM
02-03-2013 07:43 PM
Thanks for the help. When I was connect to the Z10 with the cable on a Windows machine I could only see what is effectively the 'media' share. When I connected with SMB on my MacBook I got a choice of media, certs and the SD card. I also had to get the extension right, it didn't like .crt or .cert but was happy with .pem.
02-06-2013 04:59 PM
02-08-2013 07:15 AM
I emailed myself the certificate. when I click on the certificate, on my z10, in email, it asks for a password to "view" the certificate. I enter the password that the certificate was sent with, it accepts the password (that is, I click to see that I can view the password and it's correct), I don't get a password error, but it then asks me for the password again.
Now, if I cancel out, I can't read any of my email any more, from any of my email accounts that are in the hub. I get a message that says "could not display this message"...
I just broke my z10!
02-08-2013 10:14 AM
definitive solution, because it works:
1) export your trusted root CA from your windows computer to a directory on your computer (no passwords necessary)
2) export your personal certificate from your windows computer to the same directory on your computer. You have to password protect this. Pick a secure password. You'll need this when you import it on the phone.
On the blackberry z10:
3) System Settings > Network Connections > Wi-Fi > (select your corporate wi-fi network and enter the connection password)
On the blackberry z10:
4) System Settings > Storage and Access > Access using Wi-Fi > On
5) System Settings > Storage and Access > Identification on Network > (set a username, the default is blackberry)
(I don't know if it matters, but I left the workgroup as "Workgroup")
6) System Settings > Network Connections > Wi-Fi > (touch your corporate wi-fi name, but it does not highlight) > Advanced (at the bottom of the screen) > Internet Connection > (make a note of the IP address)
8) Now go to a Windows file browser. Type \\127.1.1.1\ (substitute the IP address of your bb10 for the 127.1.1.1 address)
9) This should then ask for the username and password. Enter the username from above (default was blackberry) and the password you set in () above.
10) This should then open the share. Copy both the Trusted CA certificate and your personal certificate to the share.
Go back to your phone.
11) System Settings > Security and Privacy > Certificates > Import (at bottom of screen) > Personal Trusted CA (at top of screen) > (select VPN, WEB, WI-FI) check boxes > (it should show you the CA certificate you put in the share; select it to complete the import)
12) System Settings > Security and Privacy > Certificates > Import > Personal Client > (select VPN, WEB, WI-FI) check boxes > (it should show you your personal certificate that you put in the share; select it to complete the import)
And Bob's your uncle! Mind you, I don't know if the certificates actually work at this point, but at least we've got them in the phone to test...
06-12-2013 01:49 AM
it seems that there is only the options to import the cerificate for VPN, WEB and WI-FI.
How about Email?
Is there a way to associate Activesync Email to use a self-signed certificate?