Ocasta

I thought it was time that I investigated loading certificates onto phones. The driving force for this was that while trying GMailChecker on a number of handsets I discovered that some, the Nokia 6230 for instance, don't give the option to connect to an HTTPS URL when it has an untrusted certificate.

I ran into a number of problems, some of which I managed to overcome.

• You can't just Bluetooth or SMS a certificate on to a phone. It has to be OTA from a web page.
• When you set up a certificate for download in has to be a binary one, not BASE64
• Many non-smartphones only accept WTLS certificates. This is a problem for GMail since I can't find a WTLS version of the Equifax certificate. So I still can't get the midlet to run on a Series 40 phone.

I now have a web page that you can use to download and install the correct X509 DER encoded Equifax certificate onto your phone. As I said, only some phone supports this type of certificate. It can be found by pointing the phone browser at http://www.ocasta.co.uk/cert.html Successfull installation and configuration means one less question each time you check your GMail.

So far the Series 60 MIDP 2.0 phones I have tried (6600 & 7610) both install it successfully. After installation you have to go to Settings, Security, Certificates; select the Equifax one and under Options set it to trusted for Internet connections. Done.

There was an added bonus too. I found that I could install the certificate on the Sony Ericsson P900/P910. Once installed, the midlet no longer crashes. GMailChecker now works on this phone! However I can't get the browser to install the midlet OTA. For now it has to be installed via a PC.