One of the low-key updates to the release of BlackBerry OS 10.2.1 is an update to the Browser. Certificate store is now supported. The Browser will now check the certificate store for preloaded Certificates we supply as well as any certificates you have installed. This has been a request for quite a few of you with Enterprise sites secured by Certs, and should be a perk for those sites that let you single sign on with x.509 certs, etc.
What Certificates do we support?
- PEM (.pem, .cer)
- DER (.der, .cer) Since DER files can only be single entities, DER files may only be certificates.
- PFX or P12 (both strings are equivalent) (.pfx, .p12)
- We additionally support .p8 for importing DER-encoded key.
How do I install a Certificate?
Each device comes with a set of pre-loaded Trusted Root CA Certificates, but may wish to install additional items. Your BES admin can push Root Certificates to your device. For more detail check with your BES admin, or page 144 here.
If you want to do this for yourself, you can do so easily from your Settings. First, email yourself the certificate, or simply place it on the device (in the downloads folder, for example). Then just go here:
Settings > Security and Privacy > Certificates. Press the import button (+ sign). Choose whether you are importing into the Device-Personal or Device-Work space:
Navigate to the folder you have your certificates in, and select your cert. You have the option to restrict the usage to WiFi only or VPN only usage. Then press next and you will be notified your certificate is imported.
How can I view a certificate?
Simply click on certificate in the file manager if it’s just still on your files system. If it’s already installed, navigate to the certificate store in settings and click on the cert that interests you. In both cases you will see something like this:
If you have any questions feel free to post them in the comments section below.