Archived:Establishing trust between OMA DM server and a Symbian device
m (1 revision(s))
Revision as of 09:36, 12 May 2009
S60 3rd Edition FP1
Establishing trust between a device and the DM server is described in OMA Device Management DDF for Policy Management available at Forum Nokia. This article explains the possible ways of establishing trust and the different policies that can be used.
There are two ways to create corporate trust.
Separate mapping for certificate and roles
First, the certificate mapping policy is sent.
The above policy creates a mapping between the certificate and the alias_id. The policy does not create the trust but simply describes that COMCOM is the "short name"/alias for the given certificate.
After this, the roles mapping policy is sent.
The above policy maps the COMCOM role to be the trustedadmin which is the role_id of the COMCOM. This policy will display the device security indicator § in the status pane.
In this approach, both the certificate and role mappings are done at the same time with a single policy:
The command: use_bearer_certificate = "true" will cause the certificate to be searched directly from the HTTPS session. In Approach 1, the certificate is taken from the policy file itself.
The second approach is an easy way to establish trust as both certificate mapping and roles mapping are handled automatically.