Getting root certificates into your Windows Mobile without using a chain saw

Getting SSL root certificates into mobile phones, has always and still is a hastle. My personal advice to people trying to use a server certificate on mobile phones, for example for e-mail, is very simple. But before I go more into that.. The reason I came on to this subject, was because a friend asked me if I knew of an easy way to put your own root certificates into mobile phones. I didnt when he asked, but I just found a nice guide explaining how to, for Windows Mobile phones – yes each type needs it’s own way of installing – sigh.

The guide can be found on two Swedish IT consultants Blog (Yes I am swedish – No it’s not me), I find it worrying how many posts include stuff I work with as well, including some info about my beloved WRT54GL that I am pondering swapping with something faster soon. The blog post about how to install Root SSL certificates on Windows Mobiles, with a CAB setup file, and a simple XML format can be found here:

Back to my personal advice on how to get root certificates on mobile phones.

Purchase a certificate that is compatible with your mobile phone, don’t try and use your own CA for the mobile units, it is simply not worth the money saved. Even if it may be possible to create your own certificate and manually install it on your mobile phones, the time used for setting up the solution and installing it on each mobile phone there after, is simply much more expensive than purchasing a cheap certificate.

Most SSL certificates that are very cheap is not compatible with mobile phones, or is that just a myth? Looking at the specifications on AlphaSSL a very cheap SSL certificate, it is actually supported by Nokia Symbian S40-S60, Windows Mobile, Sony Erricsson etc. No I havent personally tested it with every mobile phone I could find, but it does look to be just as compatible as more expensive products. With a recommended retail price of $65, it would take a extremely cheap system administrator, to be able to setup and support an internal solution, with installation on mobile phones (I estimate the cost of an average system administrator to be less than 3 hours if it should be cheaper than the certificate).

Leave a Reply