Certifiably Secure


If you'd like to check your .Mac account or Gmail securely (over SSL) with a SonyEricsson phone, I've put up a HOWTO with the details.

I had figured out that the phones accepted DER-formatted certificates for a few weeks now (it's actually buried somewhere in a note in a SonyEricsson developer forum), but it wasn't until I saw Branimir's notes that it hit me that I had been trying to import a server certificate and not the CA's.

So I mentally kicked myself in the shins, looked up the s_client options and, sure enough, there was a way to dump the entire certificate chain. Davi has since simplified the process for those of you who already have certificates in Keychain Access, but I didn't have a Mac handy and prefer using openssl anyway.

I tested this on a K750i (which, incidentally, is hitting the shops in Europe, according to a friend of mine who is in Amsterdam today), and within a couple of hours of posting the HOWTO I received confirmation of this working on a V800, its unbranded variant (the K800) and a couple of other phones (including US editions).


See Also: