Specifications
d. Adds the computed signature response to the PKCS#10 CSR.
e. Encrypts the PKCS#10 CSR using PKCS#7 enveloped data format and the CA public key.
f. Sends the PKCS#7 enveloped data to the device.
6. The device completes the SCEP request by signing the PKCS#7 enveloped data using PKCS#7 signed data format and
sends the SCEP request to the CA.
7. The CA issues the certificate and sends it to the device.
8. The Enterprise Management Agent on the device adds the certificate and corresponding private key to the keystore on
the device.
Sending CA certificates to devices
You might need to distribute root and intermediate CA certificates to devices if the devices use certificate-based
authentication to connect to a network or server in your organization’s environment or if your organization uses S/MIME.
Sending the CA certificates for your organization's network and server certificates to devices allows the devices to trust the
network and servers when making secure connections. Sending CA certificates for your organization's S/MIME certificates
allows devices to trust the sender's certificate when a secure email message is received.
You can send CA certificates to every device that is managed by the BlackBerry Device Service by copying the certificate to
the appropriate subfolder in the BlackBerry Device Service shared network folder. If the contents of a certificate folder
change, the Enterprise Management Web Service sends all certificates in the folder to the appropriate certificate store on
every device to replace the previous set of certificates.
Depending on the purpose of a certificate, you should copy a CA certificate to one of the following Certificates subfolders:
| Folder | Description |
|--------|-------------|
| WIFI | The BlackBerry Device Service sends certificates in the WIFI folder to the Wi-Fi Trusted Certificates store on every device. Certificates in the Wi-Fi Trusted Certificates store can be used only for Wi-Fi connections. You must set the Wi-Fi profile Trusted Certificate Source configuration setting to Trusted Certificate Store to use certificates in the store for work Wi-Fi connections. |
| VPN | The BlackBerry Device Service sends certificates in the VPN folder to the VPN Trusted Certificates store on every device. Certificates in the VPN Trusted Certificates store can be used only for VPN connections. You must set the VPN profile Trusted Certificate Source configuration setting to Trusted Certificate Store to use certificates in the store for work VPN connections. |
| WWW | The BlackBerry Device Service sends certificates in the WWW folder to the Enterprise Root Certificates list on every device. The work browser uses these certificates to establish SSL connections with servers in your organization's environment. |
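Because any change to a certificate folder replaces the matching trust store on every device, it is worth checking the folder contents against an approved list before and after each change. The following is an added example, not part of the BlackBerry documentation: the approved-fingerprint list, the certificate root path, and the one-certificate-per-file PEM or DER layout are assumptions, and the sample data is constructed.

```python
import hashlib
import ssl
import tempfile
from pathlib import Path

STORES = ("WIFI", "VPN", "WWW")  # Certificates subfolders named in the table above

def fingerprint(path):
    """SHA-256 of the DER bytes, so PEM and DER copies of one certificate match.
    Assumption: each file holds exactly one certificate, PEM or DER encoded."""
    raw = Path(path).read_bytes()
    if raw.lstrip().startswith(b"-----BEGIN CERTIFICATE-----"):
        raw = ssl.PEM_cert_to_DER_cert(raw.decode("ascii").strip())
    return hashlib.sha256(raw).hexdigest()

def audit(cert_root, approved):
    """Compare each subfolder with its approved set {fingerprint: label}.
    Returns {store: {"unexpected": [file names], "missing": [labels]}}."""
    report = {}
    for store in STORES:
        folder = Path(cert_root) / store
        files = sorted(p for p in folder.iterdir() if p.is_file()) if folder.is_dir() else []
        found = {fingerprint(p): p.name for p in files}
        want = approved.get(store, {})
        report[store] = {
            "unexpected": sorted(name for fp, name in found.items() if fp not in want),
            "missing": sorted(label for fp, label in want.items() if fp not in found),
        }
    return report

def demo():
    """Constructed sample: stand-in byte strings take the place of real certificates."""
    root_ca, unapproved = b"constructed-root-ca-der", b"constructed-unapproved-der"
    root_fp = hashlib.sha256(root_ca).hexdigest()
    approved = {"WIFI": {root_fp: "Corp Root CA"}, "VPN": {root_fp: "Corp Root CA"}}
    with tempfile.TemporaryDirectory() as tmp:
        for store in STORES:
            (Path(tmp) / store).mkdir()
        wifi = Path(tmp) / "WIFI"
        wifi.joinpath("corp-root.pem").write_text(ssl.DER_cert_to_PEM_cert(root_ca))
        wifi.joinpath("extra.der").write_bytes(unapproved)
        return audit(tmp, approved)

if __name__ == "__main__":
    for store, result in demo().items():
        print(store, result)
```

An "unexpected" entry is a file that would be pushed to every device as a trust anchor without being on the approved list; a "missing" entry is an approved CA that devices would lose on the next folder change.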
Security Technical Overview Managing certificates on devices