Configure the certificate information using IT policies
You must configure the certificate information that BlackBerry devices can use to create certificate requests so that the certificate enrollment process can occur.
If you configured the BlackBerry MDS Connection Service to retrieve the status of the certificates using an OCSP server or a CRL server and pull authorization is turned on, devices may not be able to enroll some certificates over the mobile network. The devices might not be able to enroll some certificates because, devices that initiate the request to the web addresses follow pull authorization rules that restrict access to some of the web addresses for OCSP servers and CRL servers.
- In the BlackBerry Administration Service, on the BlackBerry solution management menu, expand Policy.
- Click Manage IT policies.
- Click an IT policy.
- Click Edit IT policy.
- On the Certificate Authority Profile tab, change the appropriate values for the IT policy rules.
- Click Save All.
After you finish: For more information about the IT policy rules, see the BlackBerry Enterprise Server Policy Reference Guide.
Related concepts