Certificate management
Digital certificates do not guarantee safety; they are used
to verify the origin of software.
Glossary: Digital certificates are used to verify the
origin of the XHTML or WML pages and installed
software. However, they can only be trusted if the
origin of the certificate is known to be authentic.
In the certificate management main view, you can see a
list of authority certificates that are stored in your phone.
Press
to see a list of personal certificates, if available.
Options in the certificate management main view
are
Certificate details
,
Delete
,
Trust settings
,
Mark/Unmark
,
Help
, and
Exit
.
Digital certificates should be used if you want to connect
to an online bank or another site or remote server for
actions that involve transferring confidential information.
They should also be used if you want to reduce the risk of
viruses or other malicious software and be sure of the
Tools
112
Copyright © 2005 Nokia. All rights reserved.
authenticity of software when downloading and installing
software.
Important: Even if the use of certificates makes the
risks involved in remote connections and software
installation considerably smaller, they must be used
correctly in order to benefit from increased security. The
existence of a certificate does not offer any protection by
itself; the certificate manager must contain correct,
authentic, or trusted certificates for increased security to
be available. Certificates have a restricted lifetime. If
Expired certificate
or
Certificate not valid yet
is shown
even if the certificate should be valid, check that the
current date and time in your device are correct.
View certificate details—check authenticity
You can only be sure of the correct identity of a server
when the signature and the period of validity of a server
certificate have been checked.
You are notified on the phone display if the identity of the
server is not authentic or if you do not have the correct
security certificate in your phone.
To check certificate details, scroll to a certificate, and
select
Options
>
Certificate details
. When you open
certificate details, the validity of the certificate is
checked, and one of the following notes may be displayed:
•
Certificate not trusted
—You have not set any
application to use the certificate. See ‘Change the trust
settings’, p. 112.
•
Expired certificate
—The period of validity has ended
for the selected certificate.
•
Certificate not valid yet
—The period of validity has
not yet begun for the selected certificate.
•
Certificate corrupted
—The certificate cannot be used.
Contact the certificate issuer.
Change the trust settings
Before changing any certificate settings, you must make
sure that you really trust the owner of the certificate and
that the certificate really belongs to the listed owner.
Scroll to an authority certificate, and select
Options
>
Trust settings
. Depending on the certificate, a list of the
applications that can use the selected certificate is shown.
For example:
•
Symbian installation
:
Yes
—The certificate is able to
certify the origin of a new Symbian operating system
application.
•
Internet
:
Yes
—The certificate is able to certify servers.
•
App. installation
:
Yes
—The certificate is able to certify
the origin of a new Java application.
Select
Options
>
Edit trust setting
to change the value.
Tools
113
Copyright © 2005 Nokia. All rights reserved.