Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Reply
Highlighted
Developer
Posts: 55
Registered: ‎02-08-2010
My Device: Blackberry Bold
My Carrier: Verizon

HTTPS Certificate

Hi,


I'm connecting to an ASP.NET webservice via a HTTPS connection. The certificate is not issued by a trusted authority, but if I click accept certificate in the Blackberry simulator, it trusts the certificate.

 

But when I move to an actual device (A personal device), it says something like - Certificate cannot be trusted due to domain rule violation. I could go into Options > Security > Certificate and then explicitly tell Blackberry to trust it, but I can't expect my users to do the same.

 

Any ideas on why this is happening?

 

Thanks,

Teja.

Developer
Posts: 1,474
Registered: ‎04-14-2009
My Device: Not Specified

Re: HTTPS Certificate

This is probably because it's not just that you certificate's chain of trust can't be verified, but also that the CN field of the certificate doesn't match the hostname to which you are connecting. A fix would be to generate a certificate with a CN matching the hostname, or to connecting using the hostname matching the CN of the existing certificate.

 

P.S. Keep in mind that, if I'm not mistaken, it's possible to enforce the verification of chain of trust via IT Policy, meaning that on those devices where it's enforced, your certificate will be rejected unconditionally.