Risto Helin's Forum Nokia Blog

SSL certificates in S60 3.0

Rippe | 16 February, 2007 13:32

There has been some discussion in various forums about how to install an SSL certificate on an S60 3.0 device. I asked around and I'm planning on creating a short document around the subject. But first the quick way of sharing information - a blog! I hope this will provide some clarity to the subject.

An SSL certificate can be used for different purposes:

  • Authenticating client to server (e.g. SSL/TLS client authentication)
  • Authenticating server during SSL/TLS handshake

Using client certificates to authenticate a user
S60 only allows importing personal certificates and associated keys from .p12 files. The certificate must be a general X.509 certificate which is DER encoded. The private key and certificate file must be packaged into a PKCS #12 package (.p12 format). The file can then be imported to the device, for example by using file transfer.

Using the certificate to authenticate a web server
The certificate must be a general X.509 certificate which is DER encoded. To be imported, it must be recognized as a CA certificate.

If the certificate is not recognized as a CA certificate (meaning that key usage is not CertSigning and BasicConstraints doesn’t indicate that it is not a CA certificate), then you need to follow these steps:

Using a web server:
1. Copy the certificate file to a web server
2. Set the MIME type for the directory where the certificate is to application/x-x509-ca-cert
3. Use the web browser on the S60 device to browse to the certificate
4. Import the certificate
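
The two files the post describes, produced with OpenSSL as an added example (not from the original post or from Nokia documentation): a DER-encoded CA certificate for the web-server import steps and a PKCS #12 package holding the client key and certificate. All subjects, file names and passwords are constructed, and the `AddType` line in the comments assumes Apache httpd as the web server.

```shell
#!/bin/sh
# Added example. Subjects, file names and passwords are constructed.

# Create ca.der (DER-encoded CA certificate) and user.p12 (client key and
# certificate as PKCS #12, protected by password $2) in directory $1.
# ca.key and user.key are written unencrypted (-nodes): delete them, or
# move them offline, once the phone has imported the files.
make_s60_certs() (
    mkdir -p "$1" && cd "$1" || exit 1
    # Own request config, so nothing depends on the system openssl.cnf.
    printf '%s\n' '[req]' 'distinguished_name=dn' 'prompt=no' \
        'x509_extensions=v3_ca' '[dn]' 'CN=Constructed Demo CA' \
        '[v3_ca]' 'basicConstraints=critical,CA:TRUE' \
        'keyUsage=critical,keyCertSign,cRLSign' > req.cnf &&
    # Self-signed CA certificate in PEM, then the DER copy for the phone.
    openssl req -x509 -new -newkey rsa:2048 -nodes -days 30 \
        -config req.cnf -keyout ca.key -out ca.pem 2>/dev/null &&
    openssl x509 -in ca.pem -outform DER -out ca.der &&
    # Client key and signing request, then a certificate issued by the CA.
    openssl req -new -newkey rsa:2048 -nodes -config req.cnf \
        -subj '/CN=Constructed Demo User' \
        -keyout user.key -out user.csr 2>/dev/null &&
    openssl x509 -req -in user.csr -CA ca.pem -CAkey ca.key \
        -CAcreateserial -days 30 -out user.pem 2>/dev/null &&
    # Private key and certificate packaged together as PKCS #12.
    openssl pkcs12 -export -inkey user.key -in user.pem \
        -name 'demo user' -passout "pass:$2" -out user.p12
)

# True when $1 is binary DER (first byte 0x30, an ASN.1 SEQUENCE; a PEM
# file starts with '-') and its BasicConstraints mark it as a CA.
is_der_ca() {
    [ "$(od -An -tx1 -N1 "$1" | tr -d ' \n')" = 30 ] &&
    openssl x509 -inform DER -in "$1" -noout -text | grep -q 'CA:TRUE'
}

# True when the PKCS #12 file $1 opens with password $2 (MAC check only).
check_p12() {
    openssl pkcs12 -in "$1" -passin "pass:$2" -noout 2>/dev/null
}

# Web-server import: publish ca.der from a directory served with the MIME
# type application/x-x509-ca-cert, e.g. in Apache httpd:
#   AddType application/x-x509-ca-cert .der

# Stand-alone use: sh s60certs.sh OUTDIR PASSWORD
if [ "$#" -eq 2 ]; then
    make_s60_certs "$1" "$2" && is_der_ca "$1/ca.der" &&
    check_p12 "$1/user.p12" "$2" && echo "ok: $1/ca.der $1/user.p12"
fi
```

Running `is_der_ca` on a certificate before copying it to the device catches the two conditions the post names: PEM instead of DER encoding, and a certificate that is not marked as a CA.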

Comments

Re: SSL certificates in S60 3.0

miiflin | 01/03/2007, 16:02

Thanks Risto,

I've managed to import the client certificates to the phone using OpenSSL certs according to your specs.

But,

Do you know whether S60v3 native web browser should support client authentication mechanism?
At least I haven't been able to make it work; it seems that the browser hangs after connecting to the website (web server sends an ack for the need for a client certificate). If I import the same client certificate to IE, it works fine and the browser prompts for a client certificate to choose from.

Or could there be something still wrong with importing the certificate? One thing which seems quite odd is that the cert usage is marked as <unknown>, although in IE it's "Proves your identity to a remote computer"?

Regards,

Miika Flink

Re: SSL certificates in S60 3.0

Rippe | 01/03/2007, 17:32

I asked around and this is what I got:

"S60 3.0 has limited TLS client authentication support. It doesn't allow the user to select client certificates. If there is a matching client certificate, the first matching certificate is selected without prompting the user.

Another thing is that there have been problems with making a secure connection with client authentication against IIS servers. This was happening because IIS 5.1 and 6.0 by default start with a normal handshake and then send a "hello request" to start another handshake that includes asking for a client certificate. This is not supported by S60 3.0. But it is possible to configure IIS 6.0 so that it won't send the hello request. This can be configured by adding the following link to Metabase.xml

SSLAlwaysNegocClientCert="TRUE""

Risto

Re: SSL certificates in S60 3.0

Rippe | 02/03/2007, 08:33

A correction, there is a typo in the link:

SSLAlwaysNegoClientCert="TRUE"

Risto

Re: SSL certificates in S60 3.0

miiflin | 06/03/2007, 12:38

..and that did the trick! Now I can access the web site nicely. Thanks!

One more question: do you know if there is a way to get rid of the phone key store's password query when accessing a page in S60v3? It seems that there is an option in "module pin" in Security Module that says "Module PIN request" - which is on and cannot be changed to off-status?
Is there a way in the certificate import procedure or some other way to set that to off?

Thanks and regards,

--Miika

Re: SSL certificates in S60 3.0

Rippe | 09/03/2007, 10:47

Miika, sorry, no idea.

Btw, the document I was referring to can be found in the Platform Security pages (see my signature for the link).

Re: SSL certificates in S60 3.0

aquilarossa | 14/06/2007, 15:15

I tried to install .p12 files on my Nokia N73: I copy the files to Documents folder in the phone, but when I select the file in Nokia File Manager it says "Cannot open file".

How can I make my N73 recognize and install .p12 files?

Thank you very much,

Marco

Re: SSL certificates in S60 3.0

Rippe | 14/06/2007, 16:48

The only advice I can give is to ensure that:
- The certificate is a general X.509 certificate
- It is DER encoded
- The private key and certificate file are in the PKCS 12 package

My guess is the DER encoding.

Any luck?

Risto

DER encoded?

Gert | 15/11/2007, 16:04

I have the same problem as Marco.

I have a .pfx file, and from that I have 'generated' the .pem file which has both the
-----BEGIN RSA PRIVATE KEY-----
data
-----END RSA PRIVATE KEY-----
and the
-----BEGIN CERTIFICATE-----
data
-----END CERTIFICATE-----
sections

but how do I move on from here, and can I do that with openssl?

How do I create the der file?
How do I create the .p12 file?

Regards

Gert

Certificate Authentication on ISA

Brendon | 23/11/2007, 00:42

Hi Risto, I hope you're still reading the comments here and can help.

I'm experiencing similar issues to miiflin, however I'm using ISA 2004 to publish our website instead of IIS. Do you know of any setting similar to that of IIS you've stated in your response that applies to ISA? Or is there a known problem using certificate authentication with ISA/Symbian?

I'm using an S60 3rd Edition phone, and when I hit my website the browser crashes with "Web: Unable to perform operation". When I remove the certificate authentication the site works fine.

Any help would be greatly appreciated.

Cheers,
Brendon

Adding SSLAlwaysNegoClientCert="TRUE"

Pasi | 03/12/2007, 10:00

Hi, could you please tell me what the right line in the metabase.xml file is to put the string SSLAlwaysNegoClientCert="TRUE"?

There are many sections in this file and I can't find the right line to add it.

certificate not valid

leon55 | 05/01/2008, 10:25

Hi, I am using an N73 and cannot read the display against the themes that are available from Nokia. I'd like to load a BLACK theme, but all give me a "cert. not valid yet"??
I have changed the date as some suggested to 2004-2008. NO luck. Can you help?

How about S40

DrHu | 06/01/2008, 18:13

It is painful to pay for the midlet to be signed. Why should we pay for it? It is my phone; if I want to install some application that I developed, why should I pay Verisign money!!! And also I hate the operators that disabled the J2ME API. Why? Because some APIs are disabled on purpose by the operator, like AT&T. For example, the Nokia phone model 6085: when released in other countries you can access getSnapshot(), while in the US you can't. Why did AT&T or Cingular disable the getSnapshot API? It is my phone and I, as the owner of the mobile phone, should control the phone myself. Agree?

Secure connection with MfE - is it really possible ?!

Alain Crispiels | 19/01/2008, 01:55

Hello,

I've recently purchased an E61i.

I would like to be securely connected with MfE (Mail for Exchange - IIS server of course) with a legal certificate.
1) Is it possible?
2) How do I find out the release of the operating system on the mobile?
3) How do I import the certificate to the mobile?
4) Do I need to change something on the IIS server (I don't understand what to do with the .xml file)?

Thank you,

Alain

Re: SSL certificates in S60 3.0

Goore | 10/04/2008, 18:08

I have the same problem:
I tried to install .p12 files on my Nokia N73: I copy the files to the Documents folder in the phone, but when I select the file in Nokia File Manager it says "Cannot open file".
Why???
I executed the procedure with DER format.
I can only import a CA in DER format in a .cer file as an authority, but I cannot import a personal certificate.

Re: SSL certificates in S60 3.0

mcanias | 02/06/2008, 18:05

Rippe,

Can you please post an example of where to add the SSLAlwaysNegocClientCert="TRUE" tag in the metabase.xml?

Thanks in advance,
Martin

Root Certificate Usage

sttng359 | 01/07/2008, 15:06

After installing a root CA I have created, I had two trust settings on my Nokia N75, Internet and Online Certif. Check. Does the Internet trust setting include all SSL/TLS connections including those made by the request of a MIDP application, or just HTTPS? Also, what is Online Certif. Check? Checking CRLs or OCSP? Is it possible to install a root CA for MIDP or Symbian signing or does that require special access to the phone and/or SIM card?

Private Key ?

mjsystem | 15/09/2008, 15:35

Hello,

I have some difficulties understanding this topic, so I probably won't be asking any new questions:

1 - I have an Exchange Server 2007 with SSL
2 - I have a certificate (.cer, not a .p12)
3 - I have to configure my Nokia N95 with Mail for Exchange to connect to this server.

Questions:
1 - How do I create a P12 file with this .cer without a private key?
2 - If it's not possible, how do I find the private key? Do all servers which have SSL have a private key?
3 - What's the option "SSLAlwaysNegocClientCert="TRUE"? Where do we find this file "metabase.xml"?

Thanks a lot for your reaction and answers.

personal certificate for S40

tocdo7 | 04/11/2008, 07:03

Hello.
I have a question.
Is there any way to import a personal certificate for Nokia S40?
What's a user certificate in S40? How does it work?
Can I insert a security module?

I've made an SSL connection (with client certificate required) work with S60, but I need to do it with S40.

Sorry for my poor English

Root CA Import Fails, Corrupt File and/or File Type Unknown

bokathc | 02/01/2009, 18:40

Hello,

I hope you can point me in the right direction. I have read through many threads on this site, as well as others, and googled this subject quite often. I have an N95 8GB, running Version 30.0.018 dated July 23, 2008. I have created a self-signed certificate using OpenSSL, as well as GNUTLS certtool, and converted the PEM to DER. I want to use this certificate to connect with a TLS server using a preshared key. I am able to import the certificate into my web browser and view the extensions, which have Basic Constraints of CA, & Usage: Signer, CRL Signer.

I have tried to put the CA on the phone, in the phone memory partition, with the extension(s) of cer, der, crt. Every time I tried to open it and start the importing process I get an error, "Unable to open file. File type not supported".

So, then I try to use the web method, setting the MIME type on the directory, then using WLAN I browse to the certificate, root.cer/der/crt. The cer and crt attempts download the certificate, then I see the "Save Ceritficate" label in the background; at that point, the "File Corrupt" popup is displayed. When I download the file root.der, it downloads and I can save it to the phone partition, though when I try to open the file, I get the "unable to open file. file type not supported".

Is there a way to view some sort of log file that I can trace and find a solution to this issue? Could it be the firmware? Any suggestions on how to get this certificate on the phone?

Thanks in advance

Re: SSL certificates in S60 3.0

thmarkus | 06/01/2009, 23:30

i got it working with my E51

created a ca certificate in DER format ca.der
created a personal certificate signed with my ca as myname.p12
copied both to sd card and opened both files in filemanager. now you can import ca.der and myname.p12
now can i access a ssl secured website with client certificate authentication. works also with imap4.

all done with openssl

greets
thomas

Re: SSL certificates in S60 3.0

thmarkus | 07/01/2009, 00:11

every new connection asks for my certificate and i have to enter password. that happens at every ajax request fi. how can i set a default certificate and how can i remove the password for certificate manager?

regards
thomas

After installing a root CA I have created

hankjmatt | 23/03/2009, 13:11

After installing a root CA I have created, I had two trust settings on my Nokia N75, Internet and Online Certif. Check. Does the Internet trust setting include all SSL or TLS connections including those made by the request of a MIDP application, or just HTTPS?
What is Online Certif. Check? Checking CRLs or OCSP? Is it possible to install a root CA for MIDP or Symbian signing or does that require special access to the phone and SIM card?

Installing Exchange client in my N95

xavietas | 18/04/2009, 22:06

I have the same trouble with my N95: when I connect to my Exchange server, it tells me that it is not a secure connection, and I always must answer yes to make the connection.

I have the OWA certificate but I can't install it on my phone. Using Vista software, I can create a .cer file, but when I try to open it with the file manager on the phone, it can't run and says "Unable to open file. File type not supported".

How can I import a certificate to my N95?

Install SSL certificate in code?

tahuy | 02/11/2009, 15:10

Hi,
How can I install an SSL certificate in code?
