Support Knowledgebase

Get better support by selecting a specific product

Product Selector
Certificate Modification Tool for enterprise and advanced end-users

Certificate Modification Tool for enterprise and advanced end-users

Article ID: 43375

Download

PalmCertificatesTool.zip (.01MB)

Description & Features

Released March 15, 2007

What is this software?

Warning

This tool is intended for IT administrators. End-customers without SSL server certificate management experience should not use this tool. Modification of SSL settings on your Palm device may cause email and web browsing to stop working.

If you are receiving SSL errors as specified in Palm KB 16733, it is likely because you are using a custom or self-signed certificate which is not included in the root certificate list on the device. The error messages are occurring because VersaMail cannot match the Certificate Authority of your SSL Certificate to the approved list as specified in Palm KB 16733.

With the PalmOS Root Certificate Modification tool, you now have the option to add a root certificate to the database on the device, allowing VersaMail to "see" the certificate in the database and validate/allow email traffic. Follow the instructions below to use the PalmOS Root Certificate Modification Tool and add your certificate to the device.

This tool contains the 51 most common CA root certificates.

System Requirements

Compatible Palm devices

  • Centro smartphone
  • Treo 755p smartphone
  • Treo 700p smartphone
  • Treo 680 smartphone
  • Treo 650 smartphone with VersaMail 3.5 add-on
  • Warning: This modification tool is only for use with these devices. Do not use this tool with other devices.

Other Requirements

  • Installation of the custom certificate database requires Palm HotSync and Palm Quick Install.
  • Subsequent system requirements are Windows 2000 or XP with Palm Desktop installed. This tool is not compatible with Windows Vista.
  • Root certificate to be added to the device must be obtained from the server.
  • The person using this tool must have administrative privileges on the desktop machine on which Palm Desktop is installed.
  • The user must have the certificate to be added to the device locally available on the PC with Palm Desktop installed.
  • GoDaddy Class 2 certificates do not work with Palm OS devices.
  • SSL v3 certificates which rely on the Subject Alternate Name field to do load balancing across virtual site names do not work with Palm OS devices.

How To Install

First, get the certificate:

Obtain the root certificate that you would like to add to the device from the server.

From Internet Explorer on the server that contains the Trusted Root Certificate Authority, choose Tools > Internet Options. Click the Content tab. Then click the Certificates button.

From the Trusted Root Certificate Authorities tab, select whichever certs you want. Click the Export button.

Click Next. Leave the default DER encoded x.509 cert. Give it a file name and choose the location to export the certificate using "Browse…"

Click Finished. You should see a prompt saying the export was successful.

Next, move the file to the local desktop PC:

Move the certificate from the server to the desktop PC that has HotSync Manager installed.

You can use a flash drive, send it as an email attachment, post it on a shared drive, etc. The certificate will be added to the device through HotSync, so it needs to be locally available after obtaining it from the server.

Once it's available on your desktop PC, you can follow the instructions below to use the Certificate Modification Tool to sync the certificate to your device.
Important: turn off AutoSync and reset your device before proceeding.

Turn off AutoSync

Open VersaMail on the device, and go to Menu > Options > Preferences > AutoSync. Disable AutoSync if it is enabled.

Reset the device

Perform a soft reset by removing/replacing the battery. Do not perform a VersaMail Sync or open VersaMail after the reset; leave the device idle in the phone application screen.

After you've turned off AutoSync and reset your device:

On your PC, download PalmCertificates.zip (right).

Extract the file to the C:\ directory. The extraction process will extract two files:

  • PalmCertificates.exe
  • cert2pdb.exe.

Open the C:\ directory, and create a folder to store these files, for instance, "palm_certificates." Move the PalmCertificates.exe and cert2pdb.exe. files into this folder.
PalmCertificatesTool.zip
.01MB Zip archive

From this folder, double click "PalmCertificates.exe" to run the utility.

Select "Add..."

Browse to locate the certificate(s) you would like to add to the device (.cer file type). A certificate entitled "aba" is shown below as an example.

Select the certificate and click "Open."

Select "Generate PDB" to convert the certificate to a Palm Database File.

The Palm Quick Install window will open showing the certificate database to be added to the device. Select the HotSync username associated with the device from the drop down.

HotSync your device to install the new certificate.

Perform a soft reset.

The new certificate has now been added to the device.
Need help? Seeing an error?

Was this helpful?
Thank you for your feedback.
Article ID:
43375

Relevant Products: Centro centro, Treo 755p, Treo 700p, Treo 680