Picking up my e-mail on my new Nokia Communicator 9500 was becoming annoying, because the self-signed certificate on my mail server is untrusted by my device. In these circumstances, the 9500 will ask you evey time it picks up your e-mail whether this untrusted certificate should be used. Unfortunately, it offers no option to register the certificate as trusted until its expiry.
If you’re in a similar situation and, assuming you’re running Linux on your mail server, here’s what to do.
Firstly, convert the mail certifcate from PEM to DER format:
openssl x509 -in /usr/share/ssl/certs/mail.pem -inform PEM -out /tmp/mail.der -outform DER
Next, copy the DER certificate from your mail server to your phone. I scp’ed it from my mail server to my laptop and then sent it via Bluetooth to my phone, where I saved it to my MMC card.
Finally, go to Control Panel|Security|Certificate manager on the 9500 and select Add. Select the file containing your certificate and add it. You should now be able to see it in the list of certificates. Now, select your certificate from the list and choose View details followed by Trust settings. Change the setting for Secure networking from No to Yes.
At this point, you should be able to pick up your e-mail without confirming each time that you want to trust the untrusted certificate. If it still doesn’t work, make sure that you have filled in as the server name the exact same name used in the certificate, not an alias that points to the same IP address. The 9500 will use the certificate only if the server name it contains matches that in your e-mail settings.