Monday, April 15, 2013

Getting Windows RT to work with IBM Notes Traveler 9 and a Domino self-signed SSL cert.

Over the weekend I had the opportunity to upgrade my administration server and production/test Traveler server to the new and improved IBM Domino 9 and IBM Notes Traveler 9.  Now, with fresh social scent!
Being that I had things upgraded to the latest and greatest, I wanted to take advantage of setting up our test Windows RT device we have in the office with the new server.  I found on the wiki that the steps seemed pretty straight forward, (see Wiki article here), and followed the instructions to the best of my ability.  Everything seemed to work okay, that was until I tried to get the self-signed certificate installed correctly.  It just wouldn't take for some reason.  I was running Internet Explorer as a local administrator and it had given me the message the the import was working correctly, but anytime I would go into the website, the address was still coming up in red with the certificate error message.  What I found after playing with it for a while was that I was selecting the wrong cert.  The wiki steps list:
  1. Click View certificates.
  2. Click Install certificate. The Certificate Import Wizard displays.
  3. Leave Store Location as the current user.
  4. Select Place all certificates in the following store, then click Browse to select Trusted Root Certification Authorities.
  5. Complete the wizard.
  6. Click Yes to install the certificate. 
But, what it doesn't list is to do this:
  1. Click View certificates
  2. Click on Certification Path
  3. Under Certification Path window, select your root certificate name for your self-signed certificate, (it's the one above the server name).  You should see under Certificate status it say, "The CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store."
  4. Once selected, click on View Certificate
  5. Click Install certificate. The Certificate Import Wizard displays. Click Next.
  6. Leave Store Location as the current user.
  7. Select Place all certificates in the following store, then click Browse to select Trusted Root Certification Authorities.
  8. Complete the wizard.
  9. Click Yes to install the certificate. 
  10. You should see the prompt that the install was successful
  11. Click Ok to close out the windows
  12.  Now, continue on with the rest of the wiki.
 I've tried to get screen captures off the RT to but, it had too much "company" data in it.  Was like looking at a declassified CIA document.  But, if you get stuck trying to set one of those devices up, give these steps a try.



4 comments:

Anonymous said...

Where did the Wiki go? Says topic cannot be found.

Anonymous said...

Typical IBM.

Andy Donaldson said...

Well, it is. Remove documents and leave no forwarding URL.

digital id said...

Very helpful article ! I was always curious about all these complex algorithms that are being used in these ssl encryptions.