A quick update:

Resetting the phone to factory settings fixed the problem with loading the https OWA page in the browser, however, Mail for Exchange is still sitting at "Connecting".

Any suggestions?

Thanks
Carel

You need the root certificate from your CA. Connect from your PC to your CA via a browser. https://yourserver/certsrv
Login and select download CA root certificate and save to disk. It should be called certnew.cer. Send this certificate from your PC to your Nokia and install.
Good luck

Argh! How daft! I've been trying to load the certificate as a .pem or .der. Renaming the DER cert to .cer and then loading (opening) it did the trick.

Thanks dtscaps!

Carel

Hi I have similar problem. But how exactly do you get the file on your Nokia. Via PC suite where do you need to put it
or only via Bluetooth or IR you can send it ?

Thanks

Jan

Hello, I have send the file via IR to my Nokia. under the name certnew.cer. But if I try to open it "unknown filetype" and does not open it. So what can be another solution to get the certicate on the right place, security certif. folder. I also tried to donwload it direct vai the web from our server as I saw that was also an option.

Thanks again for your support.

At this point I would call Nokia support and claim that you have a valid certificate that you want to install in your E60 and asked for help. This procedure worked for me, both on my E60 and N80

Regards

actually, dont call nokia yet.

janzwang - what phone are you using?

Message Edited by rufao on 14-Aug-2006
02:08 PM

Message Edited by rufao on 14-Aug-2006
02:08 PM

Hi I have a E 70 as mentioned, got it last week. With the latest mail for exchange software installed.

Regards

Jan

When Mail for Exchange connects to a server using a secure connection, it is best if the device has the same root certificate installed that has been used to issue the server certificate. Otherwise the device will prompt the user about an untrusted certificate every time a connection is made to the server. This may happen several times daily, sometimes only minutes between.

Nokia devices come with many certificates pre-installed. These can be viewed by using Menu-Tools-Settings-Security-Certif._management. If a certificate issued by one of these certificates is used on the server, no additional certificates are required on the device.

If a certificate that can not be validated with the device’s pre-installed certificates is used, for example a certificate that has been self-created, the root certificate that has been used to issue the server certificate must be installed on all devices the administrator deploys.

In the case of a self-signed server certificate, the root certificate is the same as the server certificate since there is no certificate chain. The server certificate is the one that should be installed.

Before installation the administrator must convert the certificate to a format the Nokia device supports.
For the experienced admin, this statement can be followed: A server’s root certificate must be converted to ‘DER encoded binary X.509’ format.

Step 1: Obtain the root (not intermediate) certificate for the server in base64 format. This should look something like this:
-----BEGIN CERTIFICATE-----
VQQGEwJaQTEiMCAGA1UECBMZRk9SIFRFU1RJTkcgUF
VSUE9TRVMgT05MWTEdMBsGRVNUMRwwGgYDVQQDExNU
aGF3dGUgVGVzdCBDQSBSb290MB4XDTA1MTEwNzExMj
...removed lines....
BgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly
FLgsY+QtxYo=
-----END CERTIFICATE-----

Step 2: Cut and paste this into notepad and save (or rename) this file with “.cer” extension, i.e.

Step 3: On a Windows PC (XP is used here), double-click the file you created. A Certificate application will start after several seconds. There are three tabs (General, Details, and Certification Path). Select the ‘Details’ tab.

Now press ‘Copy to File…’ button to start the ‘Certificate Export Wizard’. Press ‘Next’. Now select ‘DER encoded binary X.509 (.CER)’ and press ‘Next’. Continue to save the file with any name like . Make sure the filename has a ‘.cer’ extension.

Step 4: Get this file to the device via any means (email, Bluetooth, memory card, etc.). Find the file on the device and select it. If these steps were followed correctly, the device will start to import the certificate. Follow prompts and when asked, check the boxes for both ‘Internet’ and ‘Online cert. checking’.

Result: You should see a new certificate installed in the device’s Security management list.

Otherwise, the phone will display an error about file format not being supported. If this happens, the certificate has not been imported.

Hello,

Copy the certificate on the E70. With me the certificate was not yet recognized. I had first to switch the E70 off and on again before I could import the file by selecting it in the filemanager.

For me this does not work. If I transfer the certificate to phone as instructed above, the phone says "file can not be opened" (and there is a question mark in front, denoting unknown file type, i guess). On my 9500 the same certificate can be imported w/o problems.

If Nokia has made it this difficult to insert certificates, why not to have an option to disable checking certificates, or something?

If the file name is the same (nnnn.cer), if it is is base 509, the phone recognizes the file, opens it, but nothing happens.

Hi,

my e70 is still pending on connecting to the Server- i´ve tried to install the root-certificate from our exchange - no error, but there are no certificates displayed in certif. management (certif. management Pops up shortly and closes immediately.)
I´ve also tried to connect without a secure connection - same effect- connection pending.

regards, albert

Hi, I am e70 owner , now with updated m4e 1,3 en latest firmware. I have the same problem. The .cer is installed at all, it stated " can not be opened" not the .cer is a a own made certificate from our IT department.

I did all the steps mentioned in the m4e team, 3 x times, but it still does not work, what is next ? Why you just can not drag & drop the certificate on the phone via PC Suite, that would make everyone lives a bit easier.....

The only way I can put now the root certificate from a windows certificate server on the Nokia E70 is to follow the next steps:

- Make sure that the certificate is in DER format
- use OpenSSL to convert the certificate to .pem, using the command : openssl x509 -inform der -in MYCERT.cer -out MYCERT.pem
- convert the .pem to .der using command : openssl x509 -outform der -in MYCERT.pem -out MYCERT.der
- copy the .der cetificate to the website root directory (recommended) or copy it to a newly created directory
- set the directory MIME types to application/x-x509-ca-cert for .der extension
- browse the file using the E70 built in web browser, the certificate will install automatically