Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry AtHoc
  3. 7.15
  4. Smart Card Authentication
  5. Appendix A: Retrieve certificate information

Appendix A: Retrieve certificate information

You can retrieve certificate information using the following two methods:
  • Use the test page in the management system
  • Use a sample certificate

Use the test page in the management system

For
BlackBerry AtHoc
 release 6.1.8.88 and later releases, the test page is located at:
https://<server>/client/smartcard/info
For BlackBerry AtHoc release 6.1.8.87 and earlier releases, the test page is located at:
https://<server>/client/auth/ccd
If this test URL does not work, enable verbose logging and search the
BlackBerry AtHoc
 event log for the certificate details. Search for the AuthController module, or the GetCACMID member. Turn off verbose logging after finding the certificate details.
For
BlackBerry AtHoc
 release 6.1.8.84 and earlier releases, check the
servervars.asp
 file at:
https://<server>servervars.asp

Use a sample certificate

Have the customer provide a sample of the certificate to determine if the regular expression can parse the MID. You may need to request several samples for comparison.
To open a customer’s certificate, complete the following steps:
  1. From the
    Start Menu
    , type
    MMC
     in the search area and press
    Enter
    .
  2. Once the MMC is open, click
    FILE
     and select
    Add / Remove Snap-in
    .
  3. Select the Certificates Snap-in on the left hand side and click
    Add
    .
  4. When prompted, select
    My user account
    .
  5. Click
    Finish
    .
  6. Click
    OK
     to close the menu and return to the main console page.
  7. Find the user’s certificate and open it.
  8. On the
    Certificate
     window, click the
    Details
     tab.
  9. Ensure
    Show:
     is set to
    <All>
    .
  10. Scroll down and select
    Subject
    . The MID is displayed in the field below. It is displayed beside the value for CN.
  11. Copy the details or click
    Copy to File...
    . The information in CN is used to determine the proper regular expression to use, which will overwrite the existing value in glb_config_tab.
Some customers with OnPrem systems use more than one type of smart card and will already use one of the regular expressions successfully. In this case, it is necessary to coordinate with the customer on which regex to update (CAC_REGEX or ALT_HTTP_CAC_REGEX) when you have a solution for the CAC/PIV with the issue.
Try to obtain three or four user certificates and compare them.