Using certificates with PEAP authentication, EAP-TLS authentication, or EAP-TTLS authentication
If your organization uses PEAP authentication, EAP-TLS authentication, or EAP-TTLS authentication to protect the wireless access points for your organization’s enterprise Wi-Fi® network, a Wi-Fi enabled BlackBerry® device must authenticate mutually with an access point using an authentication server. To generate the certificates that the BlackBerry device and authentication server use to authenticate with each other, you require a certification authority.
- A certification authority that the BlackBerry device and authentication server mutually trust must generate the certificate of the authentication server and a certificate for the BlackBerry device.
- The BlackBerry device must store the root certificates in the certificate chain for the certificate of the authentication server.
Each BlackBerry device stores a list of root certificates that are issued by certification authorities that it explicitly trusts.