Administration Guide

Local Navigation

Configure support for notification messages over HTTPS for BlackBerry MDS Runtime Applications on BlackBerry devices

Developers can use the BlackBerry® Mobile Data System development tools to create BlackBerry® MDS Runtime Applications that can receive notification messages from a web service over HTTPS. To permit notification messages over HTTPS, the BlackBerry MDS Runtime Application must subscribe to the web service over HTTPS. If the subscription to the web service is done over HTTP, the notification messages are received over HTTP.

If you install BlackBerry MDS Runtime Applications that support notification messages over HTTPS on BlackBerry devices in your organization's environment, you must configure the BlackBerry MDS Integration Service and the notification client to support notification messages over HTTPS.

To configure support for notification messages over HTTPS, you must import the X.509 security certificate for the notification web service into the trust store of the BlackBerry MDS Integration Service. You must then import the X.509 security certificate for the BlackBerry MDS Integration Service into the trust store of the JVM that runs the notification client. The X.509 security certificate for the notification web service is used to complete an SSL handshake between the BlackBerry MDS Integration Service and the notification web service. The X.509 security certificate for the BlackBerry MDS Integration Service is used to complete an SSL handshake between the notification client and the BlackBerry MDS Integration Service.

By default, the BlackBerry MDS Integration Service uses port 7092 for incoming notification messages over HTTPS.

Import the X.509 certificate for the web service into the trust store of the BlackBerry MDS Integration Service

Before you begin: Export the X.509 security certificate for the notification web service in .der file format and save the X.509 security certificate in the local file system.
  1. In the BlackBerry® Administration Service, on the Servers and components menu, expand BlackBerry Solution topology > BlackBerry Domain > Component view > MDS Integration Service.
  2. Click the instance that you want to change.
  3. In the Certificates list, click Add new certificates.
  4. In the Alias name field, type a name for the certificate.
  5. In the Data source file section, click Browse.
  6. Navigate to the X.509 security certificate that you want to add.
  7. Click Add certificate.
After you finish: Permit BlackBerry MDS Runtime Applications to access web services using HTTPS.

Import the X.509 certificate for the BlackBerry MDS Integration Service into the trust store of the JVM that runs the notification client

  1. Using a web browser, browse to https://<BlackBerry_MDS_Integration_Service_cluster_name>:7443 By default, 7443 is the communications port that is used for HTTPS. If you changed this port when you installed the BlackBerry® MDS Integration Service, use the port number that you specified.
  2. Export the X.509 security certificate for the BlackBerry MDS Integration Service and store the certificate on your local file system.
  3. At the command prompt, type cd <drive>:\<JRE_install_location>\jre\lib\security, where <JRE_install_location> is the location of the JRE™ that you use to run the web service notification client.
  4. Press the Enter key.
  5. At the command prompt, type keytool -import -alias -mdsis_notifications -keystore ./cacerts -trustcacerts -file <location_of_BlackBerry_MDS_Integration_Service_certificate>, where <location_of_BlackBerry_MDS_Integration_Service_certificate> is the location of the X.509 security certificate for the BlackBerry MDS Integration Service.
  6. Press the Enter key.
After you finish: Restart the web service notification client.

Was this information helpful? Send us your comments.