Help Center

Local Navigation

Using certificates with PEAP authentication, EAP-TLS authentication, or EAP-TTLS authentication

If your organization uses PEAP authentication, EAP-TLS authentication, or EAP-TTLS authentication to protect the wireless access points for your organization’s enterprise Wi-Fi® network, a Wi-Fi enabled BlackBerry® device must authenticate mutually with an access point using an authentication server. To generate the certificates that the BlackBerry device and authentication server use to authenticate with each other, you require a certification authority.

For PEAP authentication, EAP-TLS authentication, or EAP-TTLS authentication to be successful, the BlackBerry device must trust the certificate of the authentication server. The BlackBerry device does not trust the certificate of the authentication server automatically. Before you can configure the BlackBerry device to trust the certificate of the authentication server, the following conditions must exist:
  • A certification authority that the BlackBerry device and authentication server mutually trust must generate the certificate of the authentication server and a certificate for the BlackBerry device.
  • The BlackBerry device must store the root certificates in the certificate chain for the certificate of the authentication server.

Each BlackBerry device stores a list of root certificates that are issued by certification authorities that it explicitly trusts.


Was this information helpful? Send us your comments.