Import the
BlackBerry Proxy
CA certificate into the
Java
keystore on
BEMS

Save a copy of the certificate that you exported to a convenient location on the computer that hosts

BEMS

(for example, C:\bemscert). For instructions, see Export the BlackBerry Proxy CA certificate chain to your desktop.

On the computer that hosts

BEMS

, verify the

Java

directory is specified in the JAVA_HOME system environment variable. In a command prompt, change to the %JAVA_HOME% folder. Type

cd %JAVA_HOME%

. For more information, see Set an environment variable for the Java location in the installation content.

Make a backup of the

Java

keystore file. The

Java

keystore file is located at

%JAVA_HOME%\lib\security\cacerts

, where JAVA_HOME is confirmed in Step 1.

Import the exported

BlackBerry Control

BlackBerry Proxy

root certificate. In a command prompt, type

bin\keytool.exe -importcert -trustcacerts -file"<drive>:\bemscert\bproot.cer" -keystore lib\security\cacerts -alias gdca -storepass changeit

The -alias value must be unique in the destination keystore. If it is duplicated, you might experience import errors. You can output the cacerts keystore to a text file to manually confirm the existing certificates using a text editor. Type bin\keytool.exe -list -v -keystore lib\security\cacerts > c:\bemscert\cacertsoutput.txt

For more information about keystore commands, see Keystore commands.

If you do not specify the -keystore parameter correctly or omit it, the keytool creates a new keystore.

BEMS

services do not use the new keystore.”

If you did not import the

BlackBerry Control

root certificate into the

Windows

keystore, import it now. For instructions, see Import the BlackBerry Proxy CA certificate to the BEMS Windows keystore.

Restart the

Good Technology Common Services

service in the