We have moved to a new Sailfish OS Forum. Please start new discussions there.
4

Microsoft Exchange account - .pfx certificate

asked 2014-12-01 11:39:13 +0300

Tk gravatar image

updated 2014-12-01 11:47:04 +0300

eric gravatar image

I'm trying to setup exchange account to my Jolla. I've installed the applications and created the account, but I have not yet been able to synchronize.

The account is to my employers systems. Instructions to setup account to different mobile devices all include of adding certificate to the mobile device. I've done this previously to my N8.

Does Jolla support installing certificates in .pfx format? If it does, what is the easiest way to install it.

edit retag flag offensive close delete

2 Answers

Sort by » oldest newest most voted
3

answered 2014-12-02 01:14:07 +0300

Keeper-of-the-Keys gravatar image

To add a .pfx you probably need to use openssl to convert it to pem (X.509), it's not a hard process but you may need to know the passphrase of the cert encryption which would make it a lot harder assuming you are not the sys-admin who knows that information.

I used to convert pfx to pem when the CA gave us pfx formatted certs and iirc I did need to know the passphrase but I was also converting to something with which we could verify our services, for client certs it may be different...

Something quick on the subject: http://stackoverflow.com/questions/15413646/converting-pfx-to-pem-using-openssl

And more in depth: http://www.openssl.org/docs/apps/pkcs12.html

edit flag offensive delete publish link more

Comments

Thank you. I was able to convert it to .pem. I'll try the installation this afternoon.

Tk ( 2014-12-02 07:57:11 +0300 )edit

I copied the .pem to /etc/pki/tls/certs and ran multi_c_rehash , I even changed rights with chmod to 777 for the pem. I deleted my exchange account and recreated it. While creating the account it says (translated from finnish) that it had problem with checking the server certificate.

the .pfx was exported from my windows PC and required a password. Also password was created when converting it to .pem. I'm guessing that this is the issue now? Should I have done something differently?

Tk ( 2014-12-02 21:22:56 +0300 )edit

When you converted did you use the -nodes option?

If not then the resulting cert is encrypted and your phone can't use it without a key file...

Keeper-of-the-Keys ( 2014-12-02 23:11:17 +0300 )edit

Checked with our IT support and this is actually the problem for me: https://together.jolla.com/question/22808/certificiate-based-authentication-for-activesync-accounts/

Tk ( 2014-12-03 11:43:23 +0300 )edit
2

answered 2014-12-01 19:23:01 +0300

VDVsx gravatar image

Unfortunately there's no certificate manager UI available(see: https://together.jolla.com/question/1607/gui-to-addtrust-ssl-root-certsself-signed-certs/) and I don't think that format is supported, can't you have it in .pem format ? (openssl can be used to convert it seems). If you get it in .pem format then you can follow these instructions to add it https://together.jolla.com/question/2949/where-can-i-add-a-system-ca-certificate/

edit flag offensive delete publish link more
Login/Signup to Answer

Question tools

Follow
2 followers

subscribe to rss feed

Stats

Asked: 2014-12-01 11:39:13 +0300

Seen: 372 times

Last updated: Dec 02 '14

Related questions

Support of Exchange Mobile Device Security Policies

Mark all as read feature in Jolla Mail application [released]

[OPTION] Threaded view in mail app

[Feature-request] Exchange contacts global directory search

IMAP IDLE / IMAP Push for the E-Mail app [released]

Bug: E-Mail synchronization does not work as configured [released]

A way to specify sender's name and e-mail in Google (and IMAP) account [released]

[Implemented in 1.0.3.8] Email: Honour Reply-To header [answered]

[Implemented in 1.0.3.8] Email: Insert In-Reply-To header [answered]

Bug: Having to delete e-mails twice [answered]

Copyright © Jolla Ltd. 2013-2019. All rights reserved.
about | faq | help | privacy policy | terms of service | give feedback
Powered by Askbot version 0.7.49