http://wiki.ljackson.us/index.php?title=E61i&action=history Revision history for this page on the wiki en MediaWiki 1.7.1 Mon, 06 Apr 2026 14:04:44 GMT http://wiki.ljackson.us/index.php?title=E61i&diff=3157&oldid=prev <p></p> <p><b>New page</b></p><div>=== Import CA Certificate ===<br /> <br /> There has been some discussion in various forums about how to install a SSL certificate to S60 3.0 device. I asked around and I'm planning on creating a short document around the subject. But first the quick way of sharing information - a blog! I hope this will provide some clarity to the subject.<br /> <br /> An SSL certificate can be used for different purposes:<br /> <br /> * Authenticating client to server (e.g. SSL/TLS client authentication)<br /> * Authenticating server during SSL/TLS handshake<br /> <br /> Using client certificates to authenticate a user<br /> S60 only allows importing personal certificates and associated keys from .p12 files. The certificate must be a general X.509 certificate which is DER encoded. Private key and certificate file are to be packaged into a PKCS 12 package (.p12 format). The file can then be imported to the device, for example by using file transfer.<br /> <br /> Using the certificate to authenticate a web server<br /> The certificate must be a general X.509 certificate which is DER encoded. In order to be able to import certificate, it must be recognized as a CA certificate to make it work.<br /> <br /> If certificate is not recognized as a CA certificate (meaning that key usage is not CertSigning and BasicConstrains doesn’t indicate that it is not a CA certificate), then you need to follow these steps<br /> <br /> Using a web server:<br /> 1. Copy the certificate file to Web server<br /> 2. Set the MIME type for the directory where the certificate is as application/x-x509-ca-cert<br /> <br /> In '''/etc/mime.types''' add the following line:<br /> <br /> application/x-x509-ca-cert der<br /> <br /> (apachectl stop and start didn't work for me. I had to restart the server.)<br /> <br /> apachectl restart<br /> <br /> <br /> 3. Use the web browser in the S60 device to browse the certificate<br /> 4. Import the certificate<br /> 5. '''Power Cycle S60 Device'''<br /> <br /> === Sources ===<br /> * http://symcaimport.redelijkheid.com/<br /> * http://blogs.forum.nokia.com/index.php?op=ViewArticle&amp;blogId=104645&amp;articleId=412<br /> * http://wiki.zimbra.com/index.php?title=Nokia_E61/E62_With_Self-Signed_SSL_Certificate</div> Fri, 24 Apr 2009 06:00:37 GMT Ljackson http://wiki.ljackson.us/Talk:E61i