I'm getting it to. I actually emailed the guy in there. A TMobile reply said reinstalling OS might fix it. I'm running a leak. Are you guys? I'm wondering if it has something to do with running the leak.
I'm on T-Mobile, with a T-Mobile branded Bold 9780 running the stock OS v6.0.0.285, with no third party software installed (other than Google Maps) and I'm getting prompted with the same Untrusted Certificate message when I run Google Maps. I did a re-installation of the OS already and I'm still encountering the same issue.
It seems to have something to do with Google Maps and accepting the certificate and accepting the security permissions desired for it. Once that is done I guess it goes away for good.
I bugged a TMobile dude by email again and that's pretty much what he said.
Thanks, Phill. Not that I don't trust you, but I did talk to my BESx admin and he said the same thing. Important to not forget this password (like most others). After trusting the cert, it appeared in the certificate list with a orange question mark on it. Selecting the cert allows you to verify the chain (or something like that) which for me then changed the indication to a green check mark. Case closed, I believe.
Doesn't help. Warning still pops up even after trusting the certificate.
Originally Posted by stardomains
It seems to have something to do with Google Maps and accepting the certificate and accepting the security permissions desired for it. Once that is done I guess it goes away for good.
I bugged a TMobile dude by email again and that's pretty much what he said.
Talked to our Tier-2 support rep. Turns out it is not berryweather or google maps (which causes the same issue for me). Instead, it is whenever you are connecting to server lbo.geo.t-mobile.com which is used for location based data services. Their security certificate for that server expired this morning. This is an issue on T-Mobile's end. Our guy forwarded it on to the security team, and as soon as I hear back an ETA or when it is completed I will post back here!
Posted from my CrackBerry at wapforums.crackberry.com
This is very bad advice. The certificate is used to ensure that in fact the data being exchanged is with a legitimate server (in this case T-Mobile). SSL is the foundation upon which all data transactional security is based. Whethere you are making a purchase or exchanging location specific data with anyone this certificate is used to Encrypt the data between systems. To simply accept as trustworthy this certificate negates this security.
So far this is working for me: I trusted the certificate and made a password, then I went to Options, Security, Advanced Security Settings, Key Stores. Once I got to Key Stores, I scrolled down to "certificate status" where it was set at "Expires after: four hours." I changed the "four hours" to "never." It asked me for my password (I used the one I just made) and permission to make the change, which I gave. I haven't seen the prompt since. It's only been half a day, but usually I would have seen it several times by now. Hope this info helps.
This is very bad advice. The certificate is used to ensure that in fact the data being exchanged is with a legitimate server (in this case T-Mobile). SSL is the foundation upon which all data transactional security is based. Whethere you are making a purchase or exchanging location specific data with anyone this certificate is used to Encrypt the data between systems. To simply accept as trustworthy this certificate negates this security.
Thanks for the lecture, but I already know what certificates are for.
This is T-Mobile we're talking about here, not some dodgy, unknown entity.
So, how unsafe can an already previously trusted certificate that's just expired be?
Posted from my CrackBerry at wapforums.crackberry.com
