Nokia E-Series with Self-Signed SSL Certificate: Difference between revisions

Nokia E61/E62 With Self-Signed SSL Certificate Setup

Scenario

• This setup assumes you installed Zimbra with the default self-signed Certificate
• You want to a secure connection to your Zimbra server via Mail for Exchange (latest version is 1.3.1 as of this writing which is what I tested this with)

Discussion

• I tried all kinds of different ways to get the cert onto the E62 without resorting to putting it on the webserver, but it was the only way to get it working. When I transferred via bluetooth, I would always get Invalid File Format errors. Putting the cert on the web server and setting the mime type is a solution I found via google.

Steps

• Setup your CA certificate so your E62 can download it:

Login to zimbra server and convert CA from .pem format to .der format  ; reference: [1]
su - zimbra
cd /opt/zimbra/ssl/ssl/ca
openssl x509 -outform der -in ca.pem -out ca.der
cp /opt/zimbra/ssl/ssl/ca/ca.der /opt/zimbra/httpd/htdocs/
cd /opt/zimbra/httpd/htdocs
vi /opt/zimbra/httpd/conf/mime.types
(add the end of the file, add the following line)
application/x-x509-ca-cert  der
(as zimbra)
zmapachectl stop
zmapachectl start
(Is your firewall port 7780 opened? It needs to be to use this approach...)

• Transfer Zimbra server CA to your E62:

With your E62, browse to http://yourzimbradomain.com:7780/ca.der
(you should be prompted to install the CA certificate)

Note: You can download the cert using port 7071, but the mime type is not properly set so you will NOT be prompted to install the cert, hence use port 7780.
Ensure you check both checkboxes for the trust settings for Internet and Online Certificate Check

• Your CA certificate should now be on your phone.

You can verify that your CA was installed on your E62 by going to Settings > Config > Security > Certif Management and looking for your Zimbra CA