Thursday, October 27, 2011

Generate X.509 CER File For #webOS Using openssl

Recently I've got a problem with SSL certificate for outgoing mail server on my Palm Pre. Here's what the error look like:

I looked around in the internet to find a solutions, then I found this page (forgot about the link, but I'm certain that was Palm Support page) that says mail server's certificate should be in X.509 (CER) file format:

Already asked System Administrator to send me the file, but it takes too long. So initiatively I look another way to provide the certificate file myself, and I can do it using openssl command in Ubuntu Linux (You can use openssl in Windows as well). First, I create a script that generate the certificate I need from mail server, name the file any name you want (you can see in the script I used
# usage: [port]

echo |\
openssl s_client -connect ${REMHOST}:${REMPORT} 2>&1 |\
Add execute (+x) on file properties, then run the files:
$ chmod +
$ ./ mail.server.hostname 465 >> coid.cer
As you can see, I'm adding '>> mycert.cer' to save the results directly to mycert.cer file, at the command above. Sure I can add this to the script, but this way I can generate any file name I want :)

Then, you must convert that .cer file into X.509 format:
$ openssl x509 -in coid.cer -out coidx509.cer
And you're finish. You can send coidx509.cer file via email that already setup on your Pre, or you can transfer it via USB mode and open it using Internalz.

When you tap on that file, Certificates Manager window will open and ask what do you want to do with it:

Just tap on 'Trust Certificate'. If you want to see it later, open 'Device Info' on your launcher, then tap drop-down menu on top left, tap on 'Certificate Manager...'

That's it. I setup my mail account once again, and sure it can sent email without any error :)

No comments:

Post a Comment

Hi, for all of those who already put comments on my blog post, thanks.. really appreciate it. And for those who have not, just put your comments here :)