Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Reply
New Developer
Posts: 13
Registered: ‎05-18-2009
My Device: Not Specified

How to trust a certificate?

I Developing an app that uses HTTPS connections, when i try to make a connection the dialog to manage the certificates is showed. I use the option "trust certificate" but the device show the next message: "the certificate could not be added to the trusted key store due to IT policy restrictions". The only way to trust the certificate is in options-> security options -> Certificates -> (select my certificate signed with a red cross) use Trust Option, then my certificate is signed with a yellow ? and the app works fine.

 

There is a way to trust my certificate directly from my app?

 

Thanks

New Developer
Posts: 13
Registered: ‎05-18-2009
My Device: Not Specified

Re: How to trust a certificate?

I forgot to say that i'm using BIS-B connection.
Developer
Posts: 132
Registered: ‎02-11-2009
My Device: Not Specified

Re: How to trust a certificate?

If the policy allows it, the user can click 'Trust' in the warning dialog, enter his/her passfrase and add the certificate as trusted. Notice the app has no control over the policy or those dialogs, the way it should be. An app has absolutely no business messing around with the OS' key store.

 

In regular JAVA the application is allowed to override the trust check for its own connection to allow self-signed certificates and such without warning the user, and without modifying the system. That's a good thing. I've not found any similar mechanism in RIM's API, so the answer is "probably not".

 

Cheers, Barak.
New Developer
Posts: 13
Registered: ‎05-18-2009
My Device: Not Specified

Re: How to trust a certificate?

Thank you for your reply. I don't know how to solve the problem, therefore should exist a way for trust the certificate using the blackberry's dialog without the message "the certificate could not be added to the trusted key store due to IT policy restrictions" beacuse i can trust it from the simulator (my app and browser) and in the device (browser only).
Developer
Posts: 132
Registered: ‎02-11-2009
My Device: Not Specified

Re: How to trust a certificate?

Perhaps the browser uses internal-API to do this? As third party developers we have no access to the internal API.

This thread also seems to suggest 3rd party applications cannot intervene in the trust check process.

 

http://supportforums.blackberry.com/rim/board/message?message.uid=223520

New Developer
Posts: 13
Registered: ‎05-18-2009
My Device: Not Specified

Re: How to trust a certificate?

Thank you again. I'm going to talk with the RIM BIS-B connection provider for solutions.
New Member
Posts: 1
Registered: ‎04-29-2010
My Device: Blackberry Curve 8900
My Carrier: T-Mobile

Re: How to trust a certificate?

I recently cleaned out my phone and now I keep seeing "The certificate could not be added to the Trusted Key Store due to IT Policy restrictions" how do I fix this? The only app I have and use is Skydeck. And I can't add the key and I have no idea why. any suggestions?