Skip Navigation

Create a trusted connection with
Microsoft Exchange
and other servers that BEMS must communicate with

By default, BEMS is only aware of public CA certificates. If you enable email notifications for
BlackBerry Work
and your organization’s
Microsoft Exchange Server
doesn’t use an SSL certificate issued by a trusted CA, the connection between your
BEMS
instance and
Microsoft Exchange Server
isn’t trusted. To create a trusted connection to the
Microsoft Exchange Server
upload the server’s SSL certificates (or the root or intermediate certificate chain) to the
BEMS
database. You can upload a base64-encoded or binary-encoded file that includes one or more SSL certificates.
BEMS
verifies the validity of the certificates. If the certificate is revoked or its signature cannot be verified, the upload fails. When you upload a single file that includes multiple SSL certificates, the certificates are displayed in the dashboard and can be deleted and replaced individually as required.
BEMS
supports the following file extensions: .der, .cer, .pem, and .crt. For information about creating a .pem file that includes multiple certificates, see KB 57259. You import the certificates using one of the following methods: