Archive for the ‘Mobile Phones’ Category

Finding out what clients work with different SSL certificates, building a SSL comparison database

I always wanted the ability to compare different SSL certificates with the clients that do or do not support them.

But at best you can download the roots that a mobile client, browser or operating system uses and compare them with the certificates issued by thoose roots. A cumbersome and extremely tedious task, that still only gives you information about 1 single client. Why has no one made a database containing all popular SSL certificates and clients/browsers/mobile phones and their compatibility.

Well I guess the reason is that it is extremely hard to get a consistent and easy to use data from the clients. The issuers only have information about what clients support them, but the information is usually not quite true, i.e. SSL provider X gets approved by Nokia, so they write now they are supported by Nokia, but that is only true for new nokia phones made after the approval or updates and even in some cases Nokia might forget the SSL provider in a new phone model…

So I tried the next best thing, i created a web page that will test SSL certificates and if they work on any client. Basicly it looks for a small image on a webserver with the SSL certificate, and records if the client was able to load the picture via javascript. The result is then shown on the webpage and stored for a future comparison chart when I have enough clients/SSL certs.

I need your help

But I could realy use some help, I need people to run the test with their different clients, operating systems, mobile phones, etc. so we get as much data as possible.

You can start the test from this page www.ssltest.net/compare/

I also need more SSL certificates to add to the test. If you have or know of a publically available server using a SSL certificate not in the test allready, please e-mail me the URL for a small image of at least 2×2 pixels plus the name of the SSL certificate in use to sole@sole.dk

I hope the results will give enough data to make a public and FREE database of what SSL certificates that work on different browsers, operating systems and mobile phones.

Update 1 jan. 2011.

First results of the client SSL compatibility comparison charts are now public live on www.ssltest.net/compare/sar.php the page is not finished and only shows correctly in IE7+ (not doing layout, etc. before functionality is complete). But there is allready data about different OS, browsers and mobile phones that work or do not work with different SSL certificates. I must admit that the information is surprising for some of the results and I am sure that with more data it will get even more interesting. I have not found another place on the internet that has this information.

Getting root certificates into your Windows Mobile without using a chain saw

Getting SSL root certificates into mobile phones, has always and still is a hastle. My personal advice to people trying to use a server certificate on mobile phones, for example for e-mail, is very simple. But before I go more into that.. The reason I came on to this subject, was because a friend asked me if I knew of an easy way to put your own root certificates into mobile phones. I didnt when he asked, but I just found a nice guide explaining how to, for Windows Mobile phones – yes each type needs it’s own way of installing – sigh.

The guide can be found on two Swedish IT consultants Blog (Yes I am swedish – No it’s not me), I find it worrying how many posts include stuff I work with as well, including some info about my beloved WRT54GL that I am pondering swapping with something faster soon. The blog post about how to install Root SSL certificates on Windows Mobiles, with a CAB setup file, and a simple XML format can be found here: http://poweradmin.se/blog/2009/11/15/smooth-root-certificate-deployment-for-mobile-devices/

Back to my personal advice on how to get root certificates on mobile phones. Read the rest of this entry »