Blackberry - untrusted


#1

Hey!

I am a (proud) owner of an BlackBerry Q10 (OS version 10.3.2) and get a certificate warning when visiting helloworld.letsencrypt.org.
After some research I found out that BlackBerry might be one of the last remaining OS/Tools which seem to not trust letsencrypt as a CA.

What can be done? Just wait until BlackBerry decides to import/trust the CA or is there something else which can be done (no, importing the chain is not an option :wink: )

Thanks,
Josef


#3

Same Problem here…

I think the BlackBerry does not known about the “bridge trust”, the intermediate from lets encrypt is signed from a second root (forgot the signers name) to be trusted even when the letsencrypt root is not imported.

BlackBerry should really Patch their Browser soon.


#4

That’s correct - the root certificate currently used for cross-signing (as well as the ISRG root) is not included in the root certificate list BlackBerry ships with their devices. Someone mentioned asking BlackBerry about this a while ago, and they indicated that they’d look into adding the root certificate, but I haven’t seen anything more official or an ETA.


#5

BlackBerry 10.3.3 will have Let’s Encrypt trust built in, but if you are running 10.3 - 10.3.2 you can import all eight required certificates for full LE trust with just two clicks using my totally free BlackBerry 10 Native app multiCERT.

Cheers.


#6

Support for Let’s Encrypt has arrived in BlackBerry 10.