Jump to content

Exchange and SSL certificates

Guest JimiB

By Guest JimiB
in Dell Streak 5" - Streak.MoDaCo.com

 Share

Recommended Posts

Guest JimiB

Guest JimiB

Posted
Posted

Hi,

I've been using the email client on Steves 2.2 build and it's been happily talking to exchange at work. We recently changed how our mail works and installed a new firewall and no-ones phones could pick up email while connected to the wifi at work. IT have fixed it and everyone on an iPhone has just re-installed the certificate and their phones now work. I have the new certificate and it's on my phone but i don't know where to put it or how to install it.

Any ideas?

-Jimi

Guest Stephen Hyde

Guest Stephen Hyde

Posted
Posted
Hi,

I've been using the email client on Steves 2.2 build and it's been happily talking to exchange at work. We recently changed how our mail works and installed a new firewall and no-ones phones could pick up email while connected to the wifi at work. IT have fixed it and everyone on an iPhone has just re-installed the certificate and their phones now work. I have the new certificate and it's on my phone but i don't know where to put it or how to install it.

Any ideas?

-Jimi

tried in securty settings theirs something about certs in their

Guest JimiB

Guest JimiB

Posted
Posted

Steve,

I think I'm being stupid, but i can't find any security settings...? pointer please ;)

- jimi

Guest Stephen Hyde

Guest Stephen Hyde

Posted
Posted

settings >location and security scroll down

Guest nickshertzer

Guest nickshertzer

Posted
Posted
Hi,

I've been using the email client on Steves 2.2 build and it's been happily talking to exchange at work. We recently changed how our mail works and installed a new firewall and no-ones phones could pick up email while connected to the wifi at work. IT have fixed it and everyone on an iPhone has just re-installed the certificate and their phones now work. I have the new certificate and it's on my phone but i don't know where to put it or how to install it.

Any ideas?

-Jimi

Have you tried deleting the Exchange account and re-setting up email? Check "Accept all SSL certificates" and it should prompt you to continue and hopefully start pushing Activesync again.

Menu, Settings, Accounts & Sync

Guest untrueparadox

Guest untrueparadox

Posted
Posted

accepting "all" certificates is very risky. if you're in a public wifi hotspot, someone can easily play a man in the middle attack and intercept your data. that's if you have any corporate secrets in the first place.

Guest Geilt

Guest Geilt

Posted
Posted

Mr Hyde is correct. Certificates, and other "secure" credentials, are managed under Settings > Location & Security > Credential Storage.

There is an option called "Install from SD Card". If your certificate(s) were provided to you as a file instead of automatically enrolled, you can add them to the credential database here. This function doesn't allow you to navigate to where the certificate files are located. Rather, it appears to scan the SD card for them. It may only scan the root of the partition. I'm also not sure which certificate template or format types are supported.

Once you have certificates installed you will need to enable their use on the device. This is done by ensuring the "Use secure credentials" box is checked. I believe you have five attempts to enter a correct password at this point. If you enter an incorrect password enough times it WILL wipe all credentials from the database and you will have to install them again.

If a password is not already set you can set, or change it if one is configured, under the "Set Password" section. By default there are no password requirements on length, alpha-numeric, or complexity. Some systems can enforce password policies however. If you're using this as a business tool and it is managed by an administrator they may need to provide you the password.

Untrueparadox is absolutely correct. Allowing all certificates to automatically installed is a very bad idea. Not only does it allow untrusted sources to suddenly become trusted but they can be leveraged to scrape all manner of information from your phone once the connected system is "trusted".

Guest JaysFreaky

Guest JaysFreaky

Posted
Posted

Probably easier to just delete the account and re-add it.

Guest Geilt

Guest Geilt

Posted
Posted
Probably easier to just delete the account and re-add it.

There you go again, being all logical and what not...

Guest JaysFreaky

Guest JaysFreaky

Posted
Posted
There you go again, being all logical and what not...

It happens from time to time. haha

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept