×

Discussion Board

Page 1 of 2 12 LastLast
Results 1 to 15 of 17
  1. #1
    Regular Contributor
    Join Date
    Jan 2008
    Posts
    173

    Question Install Client Certificate on mobile phone

    I noticed that there is an empty list on my Nokia 6131 NFC called "User certificates". Is this for storing client certificates? I would like to establish a secure connection with a server using mutual authentication. How can I install/use a client certificate on the mobile phone?

    (If I use Boncy castle API the server needs to implement it as well)
    Last edited by alixwarnke; 2008-05-07 at 07:53.

  2. #2
    Registered User
    Join Date
    Dec 2004
    Posts
    370

    Re: Install Client Certificate on mobile phone

    Hi,
    the user certificates section is used to sign Midlet with your own certificate (unlike verisign certificate).

    now i didnt exactly get your reference to BS api in regards to the user certificate the 2 are not related at all....
    since i've worked with bouncy castle maybe you should ask what you intend to do exactly and ill try to help you..

    (for secure connection with server you can simply use https/ssl which should be supported on all phones but you'll need a valid certificate on server and i dont think the user certificate can help you here, since if i remember correctly on most phones there is another section that say "server certificate" and thats the one the phone uses for authenticating servers certificates)

    BR

  3. #3
    Regular Contributor
    Join Date
    Jan 2008
    Posts
    173

    Re: Install Client Certificate on mobile phone

    Hi! Sorry for not being clear.

    In the Sun security tutorial for J2ME

    (http://developers.sun.com/mobility/m...les/security3/)

    they have an example of mutual authentication using a client certificate on the phone and a server certificate on the server. The example requires that both parties use the Bouncy Castle API for certificate handling / SSL. If it is possible I would like to do the same without imposing requirements on the server to use Boncy Castle API for authenticating clients who connect.

  4. #4
    Registered User
    Join Date
    Dec 2004
    Posts
    370

    Re: Install Client Certificate on mobile phone

    what type of connection you wish to establish ? https ? or secure socket connection?

    please note that that example is very old and alot has change since then... jsr177 which uses for encryption/authenticate certificate is available on most new phones....

  5. #5
    Regular Contributor
    Join Date
    Jan 2008
    Posts
    173

    Re: Install Client Certificate on mobile phone

    HTTPS connection

  6. #6
    Registered User
    Join Date
    Dec 2004
    Posts
    370

    Re: Install Client Certificate on mobile phone

    for https connection you dont need to use bouny castle.
    midp 2.0 phones support https connection and most comes with wide range of server certificate (which are used to authenticate the server certificate) by verisign,thawte etc.

    all you basically needs is for your http server to have such valid certificate signed by verisign,thawte etc.

    BR

  7. #7
    Regular Contributor
    Join Date
    Jan 2008
    Posts
    173

    Re: Install Client Certificate on mobile phone

    Yes, but I want client authentication as well...

  8. #8
    Registered User
    Join Date
    Dec 2004
    Posts
    370

    Re: Install Client Certificate on mobile phone

    what do you mean by you want the client authentication ???
    do you need to verify from the server that the client he is speaking to is person x?
    https only authenticate the server (which how its normaly wanted since the client is yourself and you already know who you are and trust yourself)

  9. #9
    Nokia Developer Champion
    Join Date
    Mar 2003
    Posts
    4,105
    shaii, HTTPS can do both server and client authentication although the latter is not as usual.

    alixwarnke, does this help?

  10. #10
    Regular Contributor
    Join Date
    Jan 2008
    Posts
    173

    Re: Install Client Certificate on mobile phone

    traud: No, I had already read that post before creating this.
    The idea of client authentication was abandoned in that thread and not discussed further.

  11. #11
    Nokia Developer Champion
    Join Date
    Mar 2003
    Posts
    4,105
    Quote Originally Posted by traud View Post
    … have you installed a PKCS#7 certificate on your phone already, opened a SSL/TLS connection from the internal browser or a MIDlet and tried to requested client authentication from your server?
    Have you tried these three steps already? Which one fails or makes problems?

  12. #12
    Regular Contributor
    Join Date
    Jan 2008
    Posts
    173

    Re: Install Client Certificate on mobile phone

    No, because I don't think its possible to install client certificates on the phone, only root certificates (and even that is pretty hard). But if someone has done this, please tell me how.
    Last edited by alixwarnke; 2008-05-09 at 19:25.

  13. #13
    Nokia Developer Champion
    Join Date
    Mar 2003
    Posts
    4,105

    Series 40 Client Certificates

    Did you try in the mean time?

    FreeRADIUS (download version 1.1 below) » raddb » certs » root.der. Place that on your web server and deliver it with the MIME media-type application/x-x509-user-cert. Then make sure to set the date to 2004 something on your phone and access it from within the internal web browser. This created a user certificate. Nevertheless, do not ask me whether it works for Java MIDlets automatically when your server requests client authentication.

    By the way my testing results with other combinations (perhaps that helps somebody):
    root.p12: application/x-pkcs12 seems not to be recognised
    root.der supplied as application/x-x509-ca-cert: Imported as server certificate.
    root.pem: PEM is not supported in Nokia world as far as I know.

  14. #14
    Registered User
    Join Date
    Dec 2010
    Posts
    1

    Post Re: Install Client Certificate on mobile phone


  15. #15
    Registered User
    Join Date
    Feb 2011
    Posts
    1

    Re: Series 40 Client Certificates

    I went nokia customer care for software update they update too but forgot to install certificate now what to do...
    Even they took time for 3 days to update phone...
    I really felt so many irregularities at customer care in completing task...

Similar Threads

  1. Replies: 4
    Last Post: 2010-01-04, 07:49
  2. j2me https negotiation - Client Certificate
    By Nikolaos in forum Mobile Java Networking & Messaging & Security
    Replies: 9
    Last Post: 2008-01-21, 18:20
  3. Unable to install. Constrained by the certificate
    By anhquan in forum Symbian Signed Support, Application Packaging and Distribution and Security
    Replies: 2
    Last Post: 2007-10-17, 10:29
  4. Mobile Podcasting - will it happen?
    By mobile monte in forum News and Announcements
    Replies: 0
    Last Post: 2006-09-22, 23:45
  5. Self-signed CA certificate
    By blackbuddha in forum Mobile Java Networking & Messaging & Security
    Replies: 6
    Last Post: 2006-07-25, 11:03

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •