1. USCTrojan4JC's Avatar
    Hi Everyone,

    I keep getting an error on anything that uses GPS (Google Maps, BlackBerry Maps, Camera).

    It says:

    *************
    You are attempting to open a secure connection, but the server's certificate is not trusted.

    Continue
    Close Connection
    View certificate
    Trust certificate
    *************

    I usually just click "Continue".

    Clicking "View certificate" displays the following:

    X lbs.geo.t-mobile.com
    ------------------------
    Untrusted Cert Chain
    Stale Chain Status
    ------------------------
    Revocation Status:
    Unknown
    Trust Status:
    Not Trusted
    Expiration Date:
    Fri, Jan 14, 2011 3:03:13 AM
    Certificate Type:
    X509
    Public Key Type:
    RSA 1024
    Subject:
    CN=lbs.geo.t-mobile.com
    OU=EIT
    O=T-Mobile USA
    L=Bothell
    ST=WA
    C=US
    E=gene.kenney@t-mobile.com
    Issuer:
    CN=T-Mobile USA Issuer CA 02
    DC=gsm1900
    DC=org
    Serial Number:
    (Chose not to type this out)
    Key Usage:
    Digital Signature
    Key Encipherment
    Server Authentication
    Signature Algorith:
    RSA_PKCS1/SHA1
    SHA1 Thumbprint:
    AEA8 C658 1D5B 6A48 3FA5 2269
    E2BF 9CB8 9C53 1FDE
    MD5 Thumbprint:
    6408 E036 B662 0C40 21C4 8E69
    D712 6AF4


    What should I do?

    I am on T-Mobile 6.0.0.285. I don't know if this matters, but I unlocked my phone through expressunlockcode.com.

    Thanks in advance for your time and help!

    God bless,
    Loren
    11-30-10 09:41 PM
  2. mqchards's Avatar
    I'm getting the same thing with the same OS on TMO, phone is branded. I'm on a BESx so I'm wary of trusting the certificate.
    12-02-10 10:09 AM
  3. stardomains's Avatar
    I'm getting it to. I actually emailed the guy in there. A TMobile reply said reinstalling OS might fix it. I'm running a leak. Are you guys? I'm wondering if it has something to do with running the leak.
    12-02-10 11:47 AM
  4. jluism919's Avatar
    I'm on T-Mobile, with a T-Mobile branded Bold 9780 running the stock OS v6.0.0.285, with no third party software installed (other than Google Maps) and I'm getting prompted with the same Untrusted Certificate message when I run Google Maps. I did a re-installation of the OS already and I'm still encountering the same issue.
    12-02-10 01:15 PM
  5. mqchards's Avatar
    Not running a leak. Stock OS .285
    12-02-10 01:53 PM
  6. stardomains's Avatar
    It seems to have something to do with Google Maps and accepting the certificate and accepting the security permissions desired for it. Once that is done I guess it goes away for good.

    I bugged a TMobile dude by email again and that's pretty much what he said.
    12-02-10 05:40 PM
  7. Phill_UK's Avatar
    Simple solution... Trust the certificate!
    mqchards likes this.
    12-02-10 05:45 PM
  8. USCTrojan4JC's Avatar
    Simple solution... Trust the certificate!
    I don't have a password set to trust a certificate. I don't want it prompting me to begin with.

    Posted from my CrackBerry at wapforums.crackberry.com
    12-02-10 06:09 PM
  9. Phill_UK's Avatar
    I don't have a password set to trust a certificate. I don't want it prompting me to begin with.
    Create a password then

    Options > Security > Advanced Security Settings > Key Stores

    Once you've set a password, trust the certificate... and it won't prompt you again

    Posted from my CrackBerry at wapforums.crackberry.com
    jwinn3 likes this.
    12-02-10 06:26 PM
  10. mqchards's Avatar
    Thanks, Phill. Not that I don't trust you, but I did talk to my BESx admin and he said the same thing. Important to not forget this password (like most others). After trusting the cert, it appeared in the certificate list with a orange question mark on it. Selecting the cert allows you to verify the chain (or something like that) which for me then changed the indication to a green check mark. Case closed, I believe.
    12-02-10 08:57 PM
  11. USCTrojan4JC's Avatar
    I never had to trust a certificate to use anything that used the GPS on my Curve 8900.

    Posted from my CrackBerry at wapforums.crackberry.com
    12-03-10 12:32 AM
  12. stardomains's Avatar
    I erased Google Maps and restarted. The certificate popup came up again.

    I wound up just trusting it and making the new password. I don't know what's going on but it sure is strange.
    12-03-10 11:34 AM
  13. ralfyguy's Avatar
    I never did get a prompt to trust the certificate. Only continue and close connection.
    01-15-11 03:59 PM
  14. shupor's Avatar
    Simple solution... Trust the certificate!
    Doesn't help. Warning still pops up even after trusting the certificate.

    It seems to have something to do with Google Maps and accepting the certificate and accepting the security permissions desired for it. Once that is done I guess it goes away for good.

    I bugged a TMobile dude by email again and that's pretty much what he said.
    See explanation in thread below

    http://forums.crackberry.com/f146/ce...xpired-575941/

    Talked to our Tier-2 support rep. Turns out it is not berryweather or google maps (which causes the same issue for me). Instead, it is whenever you are connecting to server lbo.geo.t-mobile.com which is used for location based data services. Their security certificate for that server expired this morning. This is an issue on T-Mobile's end. Our guy forwarded it on to the security team, and as soon as I hear back an ETA or when it is completed I will post back here!

    Posted from my CrackBerry at wapforums.crackberry.com
    01-17-11 03:55 PM
  15. ralfyguy's Avatar
    You would think that it can't be that difficult for them to go into the certificate and add 10 years to it.
    01-17-11 06:08 PM
  16. ralfyguy's Avatar
    It still doesn't work right. Unbelievable.
    02-25-11 05:30 PM
  17. SaintThomasAquinas's Avatar
    Simple solution... Trust the certificate!
    Phil,

    This is very bad advice. The certificate is used to ensure that in fact the data being exchanged is with a legitimate server (in this case T-Mobile). SSL is the foundation upon which all data transactional security is based. Whethere you are making a purchase or exchanging location specific data with anyone this certificate is used to Encrypt the data between systems. To simply accept as trustworthy this certificate negates this security.
    04-06-11 10:53 AM
  18. GlennJake's Avatar
    So far this is working for me: I trusted the certificate and made a password, then I went to Options, Security, Advanced Security Settings, Key Stores. Once I got to Key Stores, I scrolled down to "certificate status" where it was set at "Expires after: four hours." I changed the "four hours" to "never." It asked me for my password (I used the one I just made) and permission to make the change, which I gave. I haven't seen the prompt since. It's only been half a day, but usually I would have seen it several times by now. Hope this info helps.
    05-31-11 07:42 AM
  19. Phill_UK's Avatar
    Phil,

    This is very bad advice. The certificate is used to ensure that in fact the data being exchanged is with a legitimate server (in this case T-Mobile). SSL is the foundation upon which all data transactional security is based. Whethere you are making a purchase or exchanging location specific data with anyone this certificate is used to Encrypt the data between systems. To simply accept as trustworthy this certificate negates this security.
    Thanks for the lecture, but I already know what certificates are for.

    This is T-Mobile we're talking about here, not some dodgy, unknown entity.

    So, how unsafe can an already previously trusted certificate that's just expired be?

    Posted from my CrackBerry at wapforums.crackberry.com
    07-29-11 05:46 AM
LINK TO POST COPIED TO CLIPBOARD