Comprehensive guide to Adding ROOT Certificates to WM5 Devices like C600, O2's Xda mini, iMate SP5, HTC Typhoon, HTC Wizard, etc.

[Guest WallabyFan]

I found a colleague at work with a new O2 Xda mini was having the same issues as I was a month ago with my Orange C600 in trying to add a ROOT Certificate to the WM5 device once you have upgraded to the MSFP/AKU2 standard and now found that it has upgraded your security to higher a level.

So in an effort to help him and others I have compiled this post amongst others that I have blogged, please let me know if it helps or hinders?

Thanks ;-))

Here is an FAQ from MS explaining why the issue exists:

Q: What is required to install a new certificate to the ROOT store?

A: Adding ROOT certificates currently requires trusted code or manager access. On most Pocket PC devices this won't be a problem, but some Smartphone devices are deployed in a restricted configuration where this will be a problem.

Q: Okay, I have a restricted Smartphone device. What are my options for getting a root certificate on there?

A: In the general case, you will need a signed certificate installer. Some operators provide this tool. There's a more in-depth discussion of this issue at the blog post here.

Q: Does Windows Mobile support wildcard certificates?

A: Not in the current versions.

Q: Does the certchk tool work for disabling SSL validation for Exchange ActiveSync?

A: Not on Windows Mobile 5.0 devices. There is currently no workaround for this beyond adding the root certificate as described above, or disabling SSL altogether.

Edited April 20, 2006 by WallabyFan