EAP personal certificate 5800

Similar Messages

• E61 cannot import personal certificate

  Hello,
  I can't import personal certificate. I have personal certificate in p12 (pkcs12) format and it can be imported into firefox without any issues. However when I open this certificate on E61 I am asked for:
  password for my certificate - I enter correct one
  E61 proceeds to to Screen where it says:
  File contains:
  1 private key
  1 personal certificate
  1 authority certificate
  Save? When I click on save I get message:
  Private key corrupted!
  then it proceeds to CA which works fine.
  What I am doing wrong? Kindly assist as this is show stopper in 170K+ employees company.

  Hi,
  I'm not only unlucky, I'm frustrated! :-(
  I've got exactly the same problem. Modell: E65.
  In our company around 50000 users are already using personal certificates, generated using an openssl pki framework.
  Installing/migrating/running a Windows-PKI instead, only for importing P12-Files into our Nokia mobile's is not a solution nor an option.
  All our user-certificates (Server-,Client-,Multi-Level-CA-Certificates) are working fine within standard-protocols and standard applications (e.g. IMAPS, VPN/IPSec, WPA-EAP-TTLS/TLS, HTTPS, LDAPs,...), even within Microsoft's client-appilcations (IE / Outlook) there are no problems importing / using them for encryption, authentication or signing purposes.
  So there should be no problem, regarding the import into a E65?!
  I tried to convert some demo-certificates various ways, exported, converted them to DER, build different P12-formated files but not chance: the E65 always reports "File corrupted".
  I also followed the instruction found under
  https://blogs.forum.nokia.com/view_entry.html?id=412
  So I tried to download a p12-Container directly from a test-webserver using the correct mime-type, no luck: Corrupted File!
  But on the other hand, any p12-file, which the E65 says is corrupted, could be imported into IE/Firefox/Outlook/Thunderbird (the later two on windows & linux plattforms) or opened/investigated using openssl (0.9.8c and 0.9.8d) on the command line without any problems.
  The hint (two posts above), creating certificates using MS-AD-integrated PKI gave me a small hope again. (Please do not understand me wrong, migrating all our user/server certs and PKI-Infrastructure to MS is completly impossible, but a small test will show whether out p12-Files cause the corruption problems).
  So I imported (doubleclick, windows wizard...) the openssl-generated p12 into IE (flagged "exportable") without problems. Right after the import, I exported it various ways (e.g. w/o stong encryption) into a MS-pfx (aka p12) formated file. Renamed the suffix from pfx to p12 and gave it to openssl for processing / investigation:
  openssl pkcs12 -in testuser.p12 -info
  Enter Import Password:
  MAC Iteration 2000
  MAC verified OK
  PKCS7 Data
  Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2000
  Bag Attributes
  localKeyID: 01 00 00 00
  friendlyName: {EE88EF5C-5404-487C-AB22-AA56E79D447C}
  Microsoft CSP Name: Microsoft Enhanced Cryptographic Provider v1.0
  Key Attributes
  X509v3 Key Usage: 10
  Ok the content seems to be in "Microsoft CSP" format!!! (remembering two posts earlier, that's the container-format MS-PKI produces, so a successfull import of this file should be possible?!.... No way either!!! "File corrupted!"
  Another point: during my first p12 import try I used a corporate-standard-p12 file, that means, it contains:
  1 x User-Cert
  1 x User-Key
  1 x Intermediate-level-CA-Cert
  1 x Root-level-CA-Cert
  The E65 successfully imported the two CA-Certs, ask for a name and stored them under "Authorities". They are accessible within S60 (Security->certif.manag) and anything is fine with them. But the also contained user-certificate and the user-key resulted in "File Corrupted!". :-(
  So, for me in the moment it looks really that there is a bug in S60-3rdEd. (E65). Our certificate-containers are as far as I can say completly standard conform all software (opensource/closed source) can read/import our p12-contents without problems, even the E65 can partialy (CA-Certs) read the p12 contents (but not the user-cert/key). :-(
  I would be very happy if someone else can confirm the above results and even more happy if someone else can give me more ideas where to look for a possible solution.
  What I'm missing is an exact specification from Nokia/Symbian, regarding the P12 contents. That means, Certificate/Key Encryption, Formats, Hash-Algorithms, Iterators, Mac-Iterators, and so on... If such an specification would be available/accessible chances are good to be able to generate a valid p12 file containing importable private keys. Information like DER/PEM and mime-type that's by far not enough.
  Because I was not able to find such details specs, all I can offer in the moment is to generate test certificates and p12-container-files for further in-deep debugging?!
  If it is not a bug of S60-3rdEd. perhaps someone else reading this thread can offer a MS-PKI-generated (and of course successfully imported ins S60) p12-File (even revoked should not be a problem) with all passphrases for download, so I can try to investigate in deep the formats and the differences?
  Many thanks for your help!
  Cheers
  Krum

• How to install personal certificate on N95?

  Hi,
  Does anyone know how to install a personal certificate on the N95? I need to connect to my office WLAN using Radius authentication. I have tried to bluetooth the .cer file to the phone and it does not recognize the file or install it. I am familiar with all of the WPA settings (EAP-Peap-MSCHAP v2....etc) which do not work or seem to work without the personal cert.
  Thanks,
  Greg

  I also need to import a personal certificate on a N95 for synchronization with the company exchange server.
  I tried to import thru bluetooth in a .p12, .cer format. I tried also to modify the certificate with openSLL.
  It seems that is not possible to import personal certificate exported from the exchange server on a N95!!
  The support site answered me just to import it in a .p12 format. I'm not dummy, I know what I did, I just become a message that the file is corrupt, but I can use this certificate on all other mobiles!
  I will change to a Sonyericsson P1, or do someone know how to solve the problem? Also the support didn't tell me when there will be a version 13 of the firmware, if the problem is known and if is possibile to downgrade to version 10.

• How do I get a personal certificate in order to send and receive encrypted emails?

  How do I get a personal certificate in order to send and receive encrypted emails on my MacBook Pro, iPad mini and iPhone 4S?

  This Apple document tells how to use them: Mail (Mavericks): Use personal certificates in Mail
  You need to get the certificate from a certificate authority (CA) like:
  Sign Up now for Free Secure Email Certificate with Digital Signature
  Digital Certificate Signing | Free Email Certificate
  Symantec Digital IDs for Secure Email – Digital Signature | Symantec
  Email SSL | SSL Certificates for Secure Email Encryption and Digital Signatures
  OT

• Can't login Lync suddenly, the error is" There was a problem acquiring a personal certificate required to sign in."

  Dear all,
  This is a real issue in working. Our company provides office 365 mailbox and its lync for users.
  Recently, many users meet such issue of " There was a problem acquiring a personal certificate required to sign in."
  The lync version is 2010 and even I removed lync2010 cache for user's profile, that user still can't login lync.
  See below picture.    
  Please give help and show advice.
  Franklin hong

  Hi,
  The issue may be caused by that the user’s security credentials were corrupted or an RSA folder on the user’s computer may be blocking authentication.
  Here is a similar case may help you:
  http://community.office365.com/en-us/f/166/t/80399.aspx
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support

• Cannot log anyone onto one computer due to personal certificate error

  I have a client who just deployed Lync with Office 365. On one user's computer, no one can log into Lync. If she goes to any other computer, she can log in fine. If another user tries on her computer, they get the same error. It's the error about a personal
  certificate. I went through the troubleshooting wizard, deleting the SIP folder, and deleting all the certificates associated with Office or otherwise generated the same day as the Lync install. But it did not work. Tried uninstalling and reinstalling several
  times, with no success. They are using a reseller from Office 365, and contacting their engineers, THEY were unable to assist. Is there anything else to check? The user stated when she saw other people first log in, they had a pop up to accept a certificate.
  But she never got one on her computer.

  Hi,
  On Lync client, OptionàPersonalàclick Advanced...button
  beside Sign-in address, check if you choice “Automatic configuration”. If not, change to it and then test again.
  Please also reg delete HKCU\Software\Microsoft\Office\15.0\Lync\[email protected] /f.
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support

• Firefox asks every time for personal certificate. it wont remember choice.

  I have 2 personal certificates for accessing several secure sites.
  If I check to remember choice, Firefox remembers choosen certificate and works until I close Firefox completely.
  When I open Firefox it chooses wrong certificate (it always chooses first certificate on list).
  If I choose ask every time and I select certificate and check "remember choice" it remembers until I restart Firefox. Aftert restarting it asks again( this site has requested that you identify yourself with a certificate).
  I have reset firefox and imported certificates, and still same happens. It happens on several versions of firefox and on my all computers.
  How to remember which certificate to choose on one specific web page?
  Thank you

  In case you use "Clear history when Firefox closes" or otherwise clear history:
  *do not clear the Site Preferences
  *Tools > Options > Privacy > Firefox will: "Use custom settings for history": [X] "Clear history when Firefox closes" > Settings
  *https://support.mozilla.org/kb/remove-recent-browsing-search-and-download-history

• How to install EAP-TLS certificate?

  Hi All,
  Our wireless network requires EAP-TLS certificate installation.
  We use a MS 2003 server as a CA server.
  I tried to brows to the issuing website (http://CAserver/certsrv) but when I get to the section where I need to choose the strength of the key, somehow the phone's browser is not showing the options...
  So, I tried to issue a certificate from the issuing station and got a file called certnew.cer .
  From what I read this is the right certificate type, so I copied the file to the phone and tried to open it...
  But it only open it with the Notes application...
  Any help????
  10x in advanced,
  Naor. 

  The certificate needs to be in .der format. You probably have it in .cer (PEM) format right now.
  You can convert it using openssl. Change the filenames appropriately:
  openssl x509 -outform der -in MYCERT.pem -out MYCERT.der 
  Then send the .der file to the phone and open it. The phone should offer to install it as a certificate.
  Message Edited by sanjaymehta on 06-Aug-2009 09:22 PM
  Message Edited by sanjaymehta on 06-Aug-2009 09:23 PM
  Sanjay Mehta
  Motorola "Brickphone" circa 1996, Alcatel One Touch, Ericsson R380, Sony Ericsson T220, Sony Ericsson T630, Nokia E50, Nokia E61i, Nokia 9300i, Nokia E71,Nokia X6, Google Nexus S, iPhone 4S

• Personal Certificate Store in iPCU

  Does anyone know a way to sort certificates when selecting them from the iPCU? The store displays ALL certs, instead of just personal ones. It's rather time consuming searching for one certificate through the hundreds imported into a system within a PKI environment. The goal is to either sort alphabetically or  display certs from the "Personal" group of the certmgr.msc only. Maybe a registry hack?
  For clarification, take a look at the fourth screenshot at http://wiki.cacert.org/Technology/TechnicalSupport/EndUserSupport/OperatingSyste ms/iOS. It's titled Personal Certificate Store yet displays certs from the "Third-party Root CA" and "Other People" groups of certmgr.msc.
  Using the latest iPCU version available. Windows 7.

  As far as I know this is not possible. The IPCU displays the certificates by install order (I believe).

• Although i have imported my Personal Certificates into Firfox successfully, they except one, don't show up in certificate manager. I have installed Penango also.

  Hello,
  I wish to describe the problem with the display of imported certificates in certificate manager in the latest version of firefox.
  Here is the sequence of events as it occurred -
  1. Few weeks back i installed my Personal Certificate which was automatically visible in the Certificate Manager of Firefox.
  2. Few days back i installed Penango.
  3. Two days back i installed Comodo free email certificate in Internet Explorer. Then i exported it (Personal Information Exchange with key & with chain) to a folder. Then i opened the Certificate Manager in Firefox and imported it successfully along with the keys (as per the window notification during importing). However the certificate is not visible in the certificate manager of Firefox.
  Kindly help in resolving this issue.
  Thanks.

  Yes, i have checked according to "Tools > Options > Advanced : Encryption: Certificates - View Certificates ". Only one of my personal certificate is shown. In total i have 4 personal digital certificates. All 4 are shown in the certificate manager of my other browsers (Internet Explorer 8 and Google Chrome).
  And yes another import of the other three certificates showed that the they are already installed.
  If you need any more information please feel free to ask me.
  Thanks for your help.

• How can I import personal certificates into firefox that are not pkcs12 files (.cer or other)?

  I am trying to import .cer personal certificat into mozzila so I can go to an secure site (bank account online) but cannot do it since it is not pkcs12 type of file. Can you help me.

  I tied that, but when I try to import them to mozzila all it wants are pkcs12 files. It does not accept any other.

• Personal certificate and network key

  ok, I got my router to work.  Now I'm trying to access the internet through my PDA phone and it's saying I need a personal certificate to identify me and a network key. where do i find these things?

  In a separate note, you also wrote:
  "When I open up the 192.168.1.1 page, it brings me to wirespeed, the page for my modem, not linksys. And the reset button on the router dosent seem to do anything, even after i held it down for a full min."
  If you still have not gotten your router reset to factory defaults, use the procedure at the end of this note first, then procede with the following:
  If you are still having a problem getting your modem setup pages (and not your router) at 192.168.1.1  then your modem and router are probably set to the same address.  For now, disconnect the modem from the router, then, using a computer that is wired to your router, point your browser to 192.168.1.1  and enter your user name (if any) and password.  This will take you to your router's setup pages.  Change the router's "Local IP Address"  to 192.168.2.1 , then click on "Save Settings".  You will likely be disconnected.  This is normal.  Power down the router, then reconnect the two devices.  Later, you may wish to use a more ideal solution, by placing the modem into "bridge" mode, and then using the router to do all your router functions.
  The "network key" is most likely your wireless encryption key.  With WEP, this is "key 1".  With WPA or WPA2, this is the key (sometimes called "shared key" ).  What encryption method are you using?   Some PDA's will only do WEP.  Can yours do WPA or WPA2, or just WEP?
  To find your key, first, change the router's address to 192.168.2.1   Then, using a computer that is wired to the router, log into your router at 192.168.2.1  Then click on the wireless tab.  Look around, and find your encryption method (WEP, WPA, PSK, etc).  Near here, you will find the key. 
  The "personal certificates" are generally used by business for user authentication, ie. to prove your identity when you call in from across town or from another state.  You should not need a "personal certificate" simply to make a wireless connection to a Linksys home router.
  Who is your ISP?
  What is the make and model of your modem?
  What is the model and version of your router?
  PROCEDURE TO RESET ROUTER TO FACTORY DEFAULTS
  To reset your router to factory defaults, use the following procedure:
  1) Power down all computers, the router, and the modem, and unplug them from the wall.
  2) Disconnect all wires from the router.
  3) Power up the router and allow it to fully boot (1-2 minutes).
  4) Press and hold the reset button for 30 seconds, then release it, then let the router reset and reboot (2-3 minutes).
  5) Power down the router.
  6) Connect one computer by wire to port 1 on the router (NOT to the internet port).
  7) Power up the router and allow it to fully boot (1-2 minutes).
  8) Power up the computer (if the computer has a wireless card, make sure it is off).
  9) Try to ping the router. To do this, click the "Start" button > All Programs > Accessories > Command Prompt. A black DOS box will appear. Enter the following: "ping 192.168.1.1" (no quotes), and hit the Enter key. You will see 3 or 4 lines that start either with "Reply from ... " or "Request timed out." If you see "Reply from ...", your computer has found your router.
  10) Open your browser and point it to 192.168.1.1. This will take you to your router's login page. Leave the user name blank, and in the password field, enter "admin" (with no quotes). This will take you to your router setup page. Note the version number of your firmware (usually listed near upper right corner of screen). Exit your browser.
  If you get this far without problems, you will need to setup your router's "Internet Connection Type" manually.  You should not try to use the setup disk that came with the router.  Then you will need to change the router's address to 192.168.2.1 (return to the start of this post).
  If you cannot get "Reply from ..." in step 9 above, your router is dead.
  If you get a reply in step 9, but cannot complete step 10, then either your router is dead or the firmware is corrupt. In this case, use the Linksys tftp.exe program to try to reload your router with the latest firmware. After reloading the firmware, repeat the above procedure starting with step 1.
  If you have problem, please state the results of steps 9 and 10. Also, if you get any error messages, copy them exactly and report back.

• Importing personal certificate from pfx file

  Using iPhone configuration utility 3.5.0, Is it poosible to import a perosnal certificate using a .pfx file.
  When I try to miport it only lists certificates in the personal certificate store on windows machine? It doesn't allow me to import a certificate from a file.

  I am pretty sure that you can mail this certificate to an email account you can access on your iPad. Then when you open the certificate file it will be imported

• Installing "Personal Certificates"?

  The Safari Help file (in the "About Certificates" topic) says:
  "If you need to connect to a website that requires a personal certificate, you'll be provided with a certificate and instructions for installing it."
  Anyone figure out what those instructions might say? Or is the lack of support a beta "feature"?
  TIA

  Safari uses standard Windows certificates implementation, so you should read about it in Windows documentation, for example: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/c ert_ovr.mspx?mfr=true

• Personal certificates disappear after upgrade to FF35

  All personal certificates for loggin on sites doesn't shown - empty storage. Sites saying "You have no certs installed".
  When I import cert from backup and enter right password I see window "Alert! ... imported successful", but no cert appears at "View certs" - Personal. When I do enter wrong pass importing cert I have an error (so ok).
  Linux 3.13.0-44-generic #73-Ubuntu SMP Tue Dec 16 00:23:46 UTC 2014 i686 i686 i686 GNU/Linux
  Any ideas? Thanks!

  ''guigs2 [[#answer-681201|said]]''
  <blockquote>
  Do they appear in any other section of the View Certificates option under Options > Advanced > Certificates?
  Please also take note of the type of security certificates that you are importing: [https://blog.mozilla.org/security/]
  </blockquote>
  They was there, but not now. (Preferences > Advanced > Certificates > View Certificates). As importing says Ok, I think certs present in storage but cannot be shown/accessed...
  And yes, I have other rarely used FF profile for tests, it was upgraded too and never has personal certificates. Importing there the same cert.p12 was successful and I can see it and log into needed site!
  So smth wrong with big profile for work.