![[info]](http://l-stat.livejournal.com/img/userinfo.gif?v=92.1){kind=small}
I am using wonderful ProfiMail mail client on my Nokia 6620 phone. It works great, but I was getting annoyed that it was constantly asking me to confirm the connection since my IMAP server was using self-signed SSL certificate. Today, thanks to this document, I finally wound a way to import that certificate into my Nokia, so it does not ask me anymore. Here are quick steps to do that:
1. Export your self-signed mail certificate in DER format using following command:
openssl x509 -outform DER -in mail.pem -out mail.der
2. Copy resulting file to some directory under document root of your HTTP server (does not have to be on the same machine). In my case it was done with the following command:
mv mail.der ~lord/public_html/
3. Add to /etc/httpd/conf/httpd.conf MIME-type definition for DER files:
AddType application/x-x509-ca-cert .der
4. Open Web browser on your Nokia phone and go to URL on which you published your certificate. You will see a warning about importing untrusted certificate, click "Save" to proceed.
5. Verify in your list of CA certifictates (Settings->Security->Certif. Management) that the certificate you just imported is present in the list of "Autority" certificates.
6. Select it in the list and in "Options" menu select "Trust Setting". On the screen which will appear "Internet" option should be set "Yes" while others should be "No".
You are all set! Now when ProfiMail connects to your mail server using that certificate, you wlll no longer get warnings.
Anonymous
June 17 2006, 19:29:05 UTC 5 years ago
hello
Wow! Cool design! Webmaster respect!Anonymous
December 11 2006, 15:22:49 UTC 5 years ago
hmm... works, but doesn't
I imported the Cert and everything looks good (it's trusted for Internet Connections) but the Nokia Mail app is still prompting me to continue due to the untrusted certificate.I'm using the Nokia E61.
I'll keep fiddling.
Anonymous
December 11 2006, 15:38:27 UTC 5 years ago
Re: hmm... works, but doesn't
It works now :)make sure the hostname in the cert is the hostname you're connecting to.
So for example, if your server's fqdn (fully qualified domain name) is named mrburns.mydomain.com
But lets say for practical purposes you connect to mail.mydomain.com... which has an A record in DNS pointing back to mrburns.mydomain.com
If you create the cert for mrburns.mydomain.com -- then the mail client needs to connect to the server using mrburns.mydomain.com to have the cert work properly.
basically -- connect to the server using the hostname defined in the certificate. :)
Anonymous
April 24 2008, 10:03:59 UTC 4 years ago
Works for me!
Nice clear and to the point. Now working on my E90 and a few E61i's, ta!June 20 2009, 10:53:04 UTC 2 years ago
January 26 2011, 11:31:41 UTC 1 year ago
It will be difficult in self signed
It will be a bit of a difficult process in self signed cert. I tried a lot to get my self signed cert into my symbian. But it just wont accept it. Finally i had to resort to buying a rapidssl cert. It did, eventually, cost me. But it was worth the $8.99.