- BlackBerry Enterprise Server 5.0 SP3
- DT 1649532
Even though the BlackBerry® MDS Connection Service has been configured to allow access to untrusted HTTPS servers, attempting to browse to some HTTPS websites may result in the following error message:
Your MDS has been configured to deny SSL requests to servers that have certificates which are untrusted or expired. Try using device side SSL which can be modified in your TLS Options.
When this error is received on the BlackBerry smartphone the following will be printed in the MDAT log:
<2011-06-07 13:19:46.811 EDT>::<MDS-CS_SERVERNAME_MDS-CS_1>:<DEBUG>:<LAYER = IPPP, Access Denied: Insecure SSL Request>
Configure the following IT policy rules:
- TLS Disable Invalid Connection = Prompt
- TLS Disable Weak Ciphers = Prompt
- TLS Prevent Unmatched Domain Name = Prompt
- TLS Device Side Only = Yes
- TLS Disable Weak Digests = Prompt
- TLS Disable Untrusted Connection = Prompt
By downloading, accessing or otherwise using the Knowledge Base documents you agree:
(b) not to copy, distribute, disclose or reproduce, in full or in part any of the documents without the express written consent of RIM.
Visit the BlackBerry Technical Solution Center at www.blackberry.com/btsc.