Welcome to Port3101.org : Your BES Connection Mark forums read | View Forum Leaders
Port3101.org : Your BES Connection

Register Blog Members Sponsors Today's Posts
Quick Login:

Port3101.org > BlackBerry Enterprise Solution > Featured BlackBerry KB Articles » KB16159 - How to import and use a third-party signed certificate with BES MDS IS

Follow Us On





Forum Sponsors


Google Advertisements
Reply
LinkBack (5) Thread Tools Display Modes
KB16159 - How to import and use a third-party signed certificate with BES MDS IS
 
  5 links from elsewhere to this Post. Click to view. #1 (permalink)  
Old 06-18-2009, 05:53 PM
hdawg's Avatar
Proprietor
  
Join Date: Nov 2008
Posts: 2,237
Blog Entries: 147
Default KB16159 - How to import and use a third-party signed certificate with BES MDS IS
KB16159 - How to import and use a third-party signed certificate with BlackBerry MDS Integration Service

Environment

  • BlackBerry® Enterprise Server
  • BlackBerry® Mobile Data System (BlackBerry MDS) Integration Service


Overview

To import and use a third-party signed certificate with BlackBerry MDS Integration Service, complete the following steps:
  1. Create a backup of the following file: C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\config\security\server.key.
  2. Open a command prompt and type cd C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\jre\bin.
  3. Generate a Self-Signed Certificate using the following command. This is the certificate you will authorize with the Certificate Authority.
    Keytool -genkey -v -keyalg RSA -validity 3652 -dname "CN=<host domain name>, OU=<department name>, O=<company name>, L=<city name>, S=<state/province name>, C=<country name>" -alias ey name alias> -keystore "C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\config\security\server.key" -storepass <keystore password> -keypass <key password>
  4. Generate a Certificate Signing Request. This file will be used by the Certificate Authority to generate the required signed certificate.
    keytool -certreq -v -alias <key name alias> -file C:\<filename>.csr -keypass <key password> -keystore "C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\config\security\server.key" -storepass >
  5. Import the signed certificate generated by the Certificate Authority by installing the Issuing Server Certificate into the keystore using the following process. Be sure to choose Yes when asked whether to trust the certificate.
    keytool -import -v -alias FreeSSL -file C:\freessl.crt -keypass <key password> -keystore "C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\config\security\server.key" -storepass <keystore password>
    Owner: CN=UTN-USER<Company Name>, OU=<certificate authority domain>, O=<certificate authority name>, L=<city name>, ST=<state/province code>,C=<country code>

    Issuer: CN=UTN-USER<Company Name>, OU=<certificate authority domain>, O=<certificate authority name>, L=<city name>, ST=<state/province code>, C=<country code>

    Serial number: 000000000000000000000000000000000

    Valid from: Fri Jul 09 14:48:39 EDT 1999 until: Tue Jul 09 14:57:49 EDT 2019

    Certificate fingerprints:

    MD5: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

    SHA1: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

    Trust this certificate? [no]: yes
    Certificate was added to keystore

    [Storing C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\config\security\server.key]
  6. Import the signed SSL Certificate from the Certificate Authority based on the .cer file that you generated in Step 4.
    keytool -import -v -alias <key name alias> -file C:\<filename>.crt -keypass <key password> -keystore "C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\config\security\server.key" -storepass <keystore password>



    Certificate reply was installed in keystore

    [Storing C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\config\security\server.key]
  7. Remove the certificates that were installed by default so that they can be replaced by the aliases with the new signed certificate.
    keytool -delete -alias <certificate alias name 1> -keystore "C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\config\security\server.key" -storepass <keystore password>
    keytool -delete -alias <certificate alias name 2> -keystore "C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\config\security\server.key" -storepass <keystore password>
  8. Alias the externally signed certificate <key name alias> to <certificate alias name 1> and <certificate alias name 2>.
    keytool -keyclone -keystore "C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\config\security\server.key" -storepass <keystore password> -alias <key name alias> -dest <certificate alias name 1> -keypass <key password> -new <new key password>
    keytool -keyclone -keystore "C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\config\security\server.key" -storepass <keystore password> -alias > -dest <certificate alias name 2> -keypass <key password> -new <new key password>
  9. Restart the BlackBerry MDS Integration Service in the Windows® Services panel, and start BlackBerry Manager.
__________________
http://blog.port3101.org/hdawg/

The views expressed by me on Port3101 and its affiliated sites are my own and do not necessarily reflect the views of my employer.
Reply With Quote
Sponsored Links
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are On

LinkBacks (?)
LinkBack to this Thread: http://www.port3101.org/featured-blackberry-kb-articles/1329-kb16159-how-import-use-third-party-signed-certificate-bes-mds.html
Posted By For Type Date
MDS Integration Service - BlackBerry® Enterprise Server Version 5.0 - BlackBerry Support Community Forums This thread Refback 09-03-2009 06:02 PM
Re: MDS Integration Service - BlackBerry® Enterprise Server Version 5.0 - BlackBerry Support Community Forums This thread Refback 08-21-2009 08:02 AM
MDS Integration Service - BlackBerry® Enterprise Server 5.0 - BlackBerry Support Community Forums This thread Refback 06-23-2009 04:44 AM
BlackBerry Support Community Forums - MDS Integration Service - BlackBerry® Enterprise Server 5.0 - BlackBerry Support Community Forums This thread Refback 06-20-2009 03:17 AM
BlackBerry Support Community Forums - Re: MDS Integration Service - BlackBerry® Enterprise Server 5.0 - BlackBerry Support Community Forums This thread Refback 06-18-2009 06:00 PM


All times are GMT -4. The time now is 04:36 PM.
Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.2

Contact Us - Port3101.org - Archive - Top

Register FAQ Members
 
Copyright ©2008 - 2009, Port3101.org. All Rights Reserved.

vBulletin skin created by CompletevB.com