User guide
8. The BlackBerry Enterprise Server sends the certificate chain to the BlackBerry device.
9. The BlackBerry MDS Connection Service sends a status update to the BlackBerry device and sends the certificate request
to the certification authority that is associated with the name of the certification authority profile.
10. The certification authority performs the following actions:
a. waits for the certification authority administrator to approve the certificate request
b. after the certification authority administrator approves the certificate request, issues the certificate, and sends the
URL for the certificate in an email message to the user
11. The BlackBerry Messaging Agent receives the email message and extracts the issue ID of the message from the URL and
stores it in the BlackBerry Configuration Database.
12. The BlackBerry MDS Connection Service performs the following actions:
a. polls the BlackBerry Configuration Database every 5 minutes for the issue ID of the message, reconstructs the URL,
and sends the URL to the certification authority to retrieve the certificate
b. sends the certificate to the BlackBerry Enterprise Server after retrieving the certificate
13. The BlackBerry Enterprise Server perfoms the following actions:
a. verifies the certificate by checking whether the public key matches the public key that is stored in the BlackBerry
Configuration Database
b. sends the certificate to the BlackBerry device over the wireless network
14. The BlackBerry device adds the certificate and private key to the key store.
Security Technical Overview
Process flow: Enrolling a certificate using an RSA certification authority
78