BlackBerry Curve 8530 8520 - Key stores

background image

Key stores

About the key store

The key store on your BlackBerry® device might store the following items. To access these items in the key store, you must type a key store
password.

personal certificates (certificate and private key pairs)

certificates that you download using the certificate synchronization tool of the BlackBerry® Desktop Manager

certificates that you download from an LDAP or DSML certificate server

certificates that you download from a certificate authority profile

certificates that you import from the device memory or a media card

certificates that you add from a message

root certificates that are included in the BlackBerry® Desktop Software

personal PGP® keys (public and private key pairs)

PGP public keys that you download from an LDAP certificate server

PGP public keys that you import from the device memory or a media card

PGP public keys that you add from a message

User Guide

Security

283

background image

Change the key store password

1.

On the Home screen or in a folder, click the Options icon.

2. Click Security Options.
3. Click Advanced Security Options.
4. Click Key Stores.
5. Press the Menu key.
6. Click Change Password.

Synchronize the key store password with the device password

If you synchronize the key store password with the device password, when you change the device password, the key store password changes
to match it automatically.
1.

On the Home screen or in a folder, click the Options icon.

2. Click Security Options.
3. Click Advanced Security Options.
4. Click Key Stores.
5. Change the Synchronize Key Store Password to Device Password field to Yes.
6. Press the Menu key.
7. Click Save.

Change when your device deletes the key store password

1.

On the Home screen or in a folder, click the Options icon.

2. Click Security Options.
3. Click Advanced Security Options.
4. Click Key Stores.
5. Change the Private Key Password Timeout field.
6. Press the Menu key.
7. Click Save.

To access private keys after your BlackBerry® device deletes the key store password, you must type your key store password.

Add contacts to your contact list automatically when you add items to the key store

1.

On the Home screen or in a folder, click the Options icon.

2. Click Security Options.
3. Click Advanced Security Options.
4. Click Key Stores.
5. Change the Key Store Address Injector field to Enabled.
6. Press the Menu key.
7. Click Save.

User Guide

Security

284

background image

Change the service that your device uses to download certificates

Depending on your organization, you might not be able to change the service that your BlackBerry® device uses to download certificates. For
more information, contact your administrator.
1.

On the Home screen or in a folder, click the Options icon.

2. Click Security Options.
3. Click Advanced Security Options.
4. Click Key Stores.
5. Change the Certificate Service field.
6. Press the Menu key.
7. Click Save.

Turn off automatic backup and restore of key store data

By default, items in the key store on your BlackBerry® device are backed up or restored when you back up or restore your device data. If you
do not want to back up your private key to or restore your private key from your computer for security reasons, you can turn off automatic
backup and restore of key store data.
1.

On the Home screen or in a folder, click the Options icon.

2. Click Security Options.
3. Click Advanced Security Options.
4. Click Key Stores.
5. Change the Allow Key Store Backup/Restore field to No.
6. Press the Menu key.
7. Click Save.

To turn on automatic backup and restore of key store data, change the Allow Key Store Backup/Restore field to Yes.

Change the refresh rate for certificate revocation lists

1.

On the Home screen or in a folder, click the Options icon.

2. Click Security Options.
3. Click Advanced Security Options.
4. Click Key Stores.
5. Change the Certificate Status Expires After field.
6. Press the Menu key.
7. Click Save.

Your BlackBerry® device downloads a new revocation status automatically when your device uses a key store item with a status that is older
than the time limit that you set.

Reject certificate revocation lists from unverified CRL servers

1.

On the Home screen or in a folder, click the Options icon.

User Guide

Security

285

background image

2. Click Security Options.
3. Click Advanced Security Options.
4. Click Key Stores.
5. Change the Accept Unverified CRLs field to No.
6. Press the Menu key.
7. Click Save.

Your BlackBerry® device rejects certificate revocation lists from CRL servers that the BlackBerry® MDS Connection Service cannot verify.