07-21-2009, 05:27 PM
|
 |
Proprietor
|
|
Join Date: Nov 2008
Posts: 2,238
|
|
KB12887 - How to import a non-default SSL certificate after the installation of BAS
KB12887 - How to import a non-default SSL certificate after the installation of BlackBerry Administration Service
Environment
- BlackBerry® Administration Service
- BlackBerry® Enterprise Server
Overview
Complete these tasks to request and import a non-default Secure Socket Layer (SSL) Certificate, which is used with the BlackBerry Administration Service and the BlackBerry® Web Desktop Manager.
Task 1 - Reset the BlackBerry Administration Service key store password
- Click Start > All Programs > BlackBerry Enterprise Server > BlackBerry Server Configuration.
- Click the Administration Service - Cacerts keystore tab.
- Type a key store password in New Password and Confirm New Password.
Task 2 - Generate a certificate request to your certification authority
- Open a command prompt.
- Change the directory to the bin folder for the appropriate version of the Java Runtime Environment (JRE). For example:
C:\Program Files\Java\jre1.6.0_07\bin
- Type keytool -certreq -alias httpssl -keystore "C:\Program Files\Research in Motion\BlackBerry Enterprise Server\BAS\bin\web.keystore" -file "C:\certreq.csr"
- When prompted, enter the key store password that you created in Task 1.
Task 3 - Request the certificate from your certification authority
Note: The steps in this task are based on the steps required to request a certificate from a Microsoft® Windows® Certificate Authority.
- Browse to the organization's certificate server using Microsoft® Internet Explorer®.
- Click Request a certificate.
- Click Advanced certificate request.
- Click Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS#7 file.
- Paste the full contents of the certreq.csr file into the Saved Request field.
- Choose Web Server from the Certificate Template drop-down list.
- Click Submit.
- Click Download certificate.
- Save the file to c:\bascert.cer when prompted.
Task 4 - Download the CA Certificate from the Certificate Authority
- Browse to the organization's certificate server using Microsoft Internet Explorer.
- Click Download a CA Certificate, certificate chain, or CRL.
- Click Download CA Certificate.
- Save the file to c:\CAcert.cer when prompted.
Task 5 - Import the CA Certificate into the BlackBerry Administration Service key store
- In the command prompt window used in Task 2, type keytool -import -alias cacert -keystore "C:\Program Files\Research in Motion\BlackBerry Enterprise Server\BAS\bin\web.keystore" -file "C:\CAcert.cer"
- Enter the key store password, and then press y when asked to trust this certificate.
Task 6 - Import the BlackBerry Administration Service certificate to the BlackBerry Administration Service key store
In the command prompt window used in Task 5, type keytool -import -alias httpssl -keystore "C:\Program Files\Research in Motion\BlackBerry Enterprise Server\BAS\bin\web.keystore" -file "C:\bascert.cer"
Task 7 - Restart the BlackBerry Administration Service
Additional Information
Visit http://java.sun.com for more information on the key tool.
__________________
http://blog.port3101.org/hdawg/
The views expressed by me on Port3101 and its affiliated sites are my own and do not necessarily reflect the views of my employer.
|
Linear Mode
