User Guide

Security

Certificates and PGP keys

About certificates and certificate enrollment

A certificate is a digital document that binds the identity and public key of a certificate subject. Your BlackBerry smartphone supports RSA, DSA, Diffie-Hellman, and ECC keys.

If your work email account uses a BlackBerry Enterprise Server that supports this feature, you can download certificates over the wireless network using a certification authority profile provided by your administrator. Depending on your organization, enrollment for a certificate might be required and might also occur automatically.

When you enroll with a certification authority profile, a new certificate is downloaded to your smartphone and added to your certificate list. The certification authority profile shows the status of the certificate. If the certificate is scheduled to expire soon, you can re-enroll with the certification authority profile to receive an updated certificate.

About PGP keys

If your work email account uses a BlackBerry Enterprise Server that supports this feature, you can download PGP keys over the wireless network from a certificate server provided by your administrator. Depending on your organization, enrollment with the PGP Universal Server might be required and might also occur automatically.

PGP keys allow you to send and receive PGP messages using your BlackBerry smartphone. Your smartphone supports RSA, DSA, and Diffie-Hellman keys.

About the trust status of certificates and PGP keys

When you view the details for a certificate or key, you can view the trust status of the item. Depending on your adminstrator, you can change the trust status of a certificate or PGP key.

A certificate can be explicitly trusted (the certificate itself is trusted), implicitly trusted (the root certificate in the certificate chain is trusted on your BlackBerry smartphone), or not trusted (the certificate isn't explicitly trusted and the root certificate in the certificate chain isn't trusted or doesn't exist on your smartphone).

A PGP key can be explicitly trusted (the PGP key itself is trusted), implicitly trusted (the PGP key is associated with a private key on your smartphone), or not trusted (the PGP key isn't explicitly trusted and isn't associated with a trusted PGP key on your smartphone, and a chain of digital signatures to a trusted key doesn't exist).

Related information

Change the trust status of a certificate or PGP key, 309

305

Page 305
Image 305
Blackberry REX41GW manual Certificates and PGP keys, About certificates and certificate enrollment, About PGP keys