Recipe 8.18. Installing a Root Certificate for Use with EASProblemYou want to install a root certificate on a portable device for Exchange ActiveSync users. SolutionUsing a graphical user interface
DiscussionWindows Mobile 2002 and 2003 smartphones ship with root certificates installed for the major certification authorities, but many enterprises wish to issue their own root certificates for use with Exchange ActiveSync, VPN, or web services. Microsoft has made the Smartphone Add Certificate Utility available to allow users to add this root certificate authority to the device's trusted certificate authority list. However, the utility will not work on phones that are application-locked by the mobile carrier; instead, the carrier must sign and distribute its own version of the utility. At the time of this writing, only Verizon has issued a signed version of the utility, available as VZW_SPAddCert.exe from the Microsoft Download Center. If you run through the steps in this recipe and are presented with an error message indicating that your smartphone is locked, you should contact your mobile carrier for assistance. See AlsoRecipe 8.17 for disabling checking of root certificates, and MS KB 841060 (How to add root certificates to Windows Mobile 2003 Smartphone and Windows Mobile 2002 Smartphone) |