Blackberry Bold 5 User Manual
Have a look at the manual Blackberry Bold 5 User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 57 Blackberry manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
5. Highlight a PGP key. 6. Press the Menu key. 7. Click Send via Email or Send via PIN . Delete a PGP key 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click PGP Keys . 5. Highlight a PGP® key. 6. Press the Menu key. 7. Click Delete. Clear the PGP data cache The PGP® data cache contains cached PGP public keys and the PGP® Universal Server policy that your BlackBerry® device downloads from the PGP Universal Server. 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click PGP. 4. Press the Menu key. 5. Click Clear Universal Cache . The next time that you send a PGP protected message, your device downloads an updated PGP Universal Server policy and updated PGP public keys from the PGP Universal Server. PGP key status PGP key status indicators : The PGP® key has a corresponding private key that is stored on your BlackBerry® device. :The PGP key is trusted and valid, and the revocation status of the PGP key is good. : The revocation status of the PGP key is unknown or the key is weak. :The PGP key is untrusted, revoked, expired, not valid, or cannot be verified. User GuideSecurity289
Check the revocation status of a PGP key 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click PGP Keys . 5. Highlight a PGP® key. 6. Press the Menu key. 7. Click Fetch Status . Change the trust status of a PGP key 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click PGP Keys . 5. Highlight a PGP® key. 6. Press the Menu key. 7. Click Trust or Distrust . Revoke a PGP key If you revoke a PGP® key, the PGP key is revoked only in the key store on your BlackBerry® device. Your device does not update the revocation status on the PGP® Universal Server. 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click PGP Keys . 5. Highlight a PGP® key. 6. Press the Menu key. 7. Click Revoke. 8. Click Yes. 9. Change the Reason field. 10. Click OK. PGP key revocation reasons Unknown: The revocation reason does not match any of the predefined reasons. Superseded: A new PGP® key is replacing an existing PGP key. Key Compromise: User GuideSecurity290
A person who is not the key subject might have discovered the private key value. Key Retired: The PGP key is no longer used. User ID Invalid: The user information for the PGP key is not valid. PGP key options Change the display name for a PGP key 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click PGP keys . 5. Highlight a PGP® key. 6. Press the Menu key. 7. Click Change Label . 8. Type a display name for the PGP key. 9. Click OK. Turn off the display name prompt that appears when you add a PGP key to the key store 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click PGP keys . 5. Press the Menu key. 6. Click Fetch PGP Keys . 7. Press the Menu key. 8. Click Options. 9. Change the Prompt for Label field to No. 10. Press the Menu key. 11. Click Save. When you add a PGP® key, your BlackBerry® device uses the name that the PGP® Universal Server set for the key when it generated the key. Turn off the fetch status prompt that appears when you add a PGP key to the key store 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click PGP Keys .User GuideSecurity291
5. Press the Menu key. 6. Click Fetch PGP Keys . 7. Press the Menu key. 8. Click Options. 9. Perform one of the following actions: • To download the revocation status of a PGP® key when you add it to the key store, change the Fetch Status field to Yes. • To add a PGP key to the key store without downloading the revocation status, change the Fetch Status field to No. 10. Press the Menu key. 11. Click Save. PGP key shortcuts • To view the label of a PGP® key, press the Space key. • To view the properties of a PGP key, press the Enter key. • To view the security level of a PGP private key, press the Alt key and L. • To view personal PGP keys, press the Alt key and P. • To view PGP keys for other people, press the Alt key and O. • To view all PGP keys, press the Alt key and A. PGP key troubleshooting I cannot download a PGP key from an LDAP certificate server Try performing the following actions: •Verify that your organization permits you to download PGP® keys from an LDAP certificate server. For more information, contact your administrator. • If you changed the connection type that your BlackBerry® device uses to connect to an LDAP certificate server, try using the default connection type. Certificate servers Add a certificate server 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificate Servers . 5. Press the Menu key. 6. Click New Server .User GuideSecurity292
7. Specify information for the certificate server. 8. Press the Menu key. 9. Click Save. Change connection information for a certificate server 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificate Servers . 5. Highlight a certificate server. 6. Press the Menu key. 7. Click Edit. 8. Change connection information for the certificate server. 9. Press the Menu key. 10. Click Save. Connection options for LDAP and DSML certificate servers Friendly Name: Type a display name for the certificate server. Server Name: Type the network address of the certificate server. Base Query: Type the base query information for the certificate server using X.509 certificate syntax (for example, o=test.rim.net). Port: Type the port number for your organization’s network. The default port number is 389. Authentication Type: Specify whether you must log in to the certificate server. Connection Type: Specify whether your BlackBerry® device uses an SSL connection or a TLS connection to connect to the certificate server. Connection options for OCSP and CRL servers Friendly Name: Type a display name for the certificate server. Server URL:User GuideSecurity293
Type the web address of the certificate server. Send connection information for a certificate server 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificate Servers . 5. Highlight a certificate server. 6. Press the Menu key. 7. Click Email Server or PIN Server . Delete a certificate server 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificate Servers . 5. Highlight a certificate server. 6. Press the Menu key. 7. Click Delete. Key stores About the key store The key store on your BlackBerry® device might store the following items. To access these items in the key store, you must type a key store password. • personal certificates (certificate and private key pairs) • certificates that you download using the certificate synchronization tool of the BlackBerry® Desktop Manager • certificates that you download from an LDAP or DSML certificate server • certificates that you download from a certificate authority profile • certificates that you import from the device memory or a media card • certificates that you add from a message • root certificates that are included in the BlackBerry® Desktop Software • personal PGP® keys (public and private key pairs) • PGP public keys that you download from an LDAP certificate server • PGP public keys that you import from the device memory or a media card • PGP public keys that you add from a messageUser GuideSecurity294
Change the key store password1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Key Stores . 5. Press the Menu key. 6. Click Change Password . Synchronize the key store password with the device password If you synchronize the key store password with the device password, when you change the device password, the key store password changes to match it automatically. 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Key Stores . 5. Change the Synchronize Key Store Password to Device Password field to Yes. 6. Press the Menu key. 7. Click Save. Change when your device deletes the key store password 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Key Stores . 5. Change the Private Key Password Timeout field. 6. Press the Menu key. 7. Click Save. To access private keys after your BlackBerry® device deletes the key store password, you must type your key store password. Add contacts to your contact list automatically when you add items to the key store 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Key Stores . 5. Change the Key Store Address Injector field to Enabled . 6. Press the Menu key. 7. Click Save. User GuideSecurity295
Change the service that your device uses to download certificatesDepending on your organization, you might not be able to change the service that your BlackBerry® device uses to download certificates. For more information, contact your administrator. 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Key Stores . 5. Change the Certificate Service field. 6. Press the Menu key. 7. Click Save. Turn off automatic backup and restore of key store data By default, items in the key store on your BlackBerry® device are backed up or restored when you back up or restore your device data. If you do not want to back up your private key to or restore your private key from your computer for security reasons, you can turn off automatic backup and restore of key store data. 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Key Stores . 5. Change the Allow Key Store Backup/Restore field to No. 6. Press the Menu key. 7. Click Save. To turn on automatic backup and restore of key store data, change the Allow Key Store Backup/Restore field to Yes. Change the refresh rate for certificate revocation lists 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Key Stores . 5. Change the Certificate Status Expires After field. 6. Press the Menu key. 7. Click Save. Your BlackBerry® device downloads a new revocation status automatically when your device uses a key store item with a status that is older than the time limit that you set. Reject certificate revocation lists from unverified CRL servers 1. On the Home screen or in a folder, click the Options icon. User GuideSecurity296
2. Click Security Options . 3. Click Advanced Security Options . 4. Click Key Stores . 5. Change the Accept Unverified CRLs field to No. 6. Press the Menu key. 7. Click Save. Your BlackBerry® device rejects certificate revocation lists from CRL servers that the BlackBerry® MDS Connection Service cannot verify. Smart cards About using a smart card with your device Smart cards store certificates and private keys. You can use a smart card reader to import certificates from a smart card to the key store on your BlackBerry® device, but you cannot import private keys. As a result, private key operations such as signing and decryption use the smart card, and public key operations such as verification and encryption use the public certificates on your device. If you use a smart card certificate to authenticate with your device, after you connect your smart card reader to your device, your device requests authentication from the smart card each time that you unlock your device. You can install multiple smart card drivers on your device, including drivers for microSD smart cards, but you can only authenticate to one smart card at a time. If you are authenticating using a microSD smart card and you want to transfer media files between your microSD smart card and your computer in mass storage mode, you must temporarily turn off two-factor authentication or select a different authentication option. If the S/MIME Support Package for BlackBerry® devices is installed on your device, you can use smart card certificates to send S/MIME- protected messages. About two-factor authentication Two-factor authentication is designed to provide additional security for your BlackBerry® device. Two-factor authentication requires an item that you have (for example, a smart card) and an item that you know (for example, a pass phrase). You can also use the connection to your smart card reader to authenticate, without requiring a smart card to be present. You can use a smart card for two-factor authentication when you unlock your device, or you can use a software token for two-factor authentication when you use your device with RSA® software as a hardware token. If you have a Wi-Fi® enabled BlackBerry device, you can also use a software token for two-factor authentication when you log in to a VPN or connect to a Wi-Fi network. Depending on your BlackBerry device model and the two-factor authentication settings that you choose, you might need to type your pass phrase when you perform one of the following actions: • unlock your BlackBerry device • change a general security option on your BlackBerry device • change a smart card option • use your BlackBerry device with RSA softwareUser GuideSecurity297
• log in to a VPN • connect to a Wi-Fi network Turn on two-factor authentication To perform this task, you must have set a password for your BlackBerry® device and have the smart card password that you received with your smart card. 1. On the Home screen or in a folder, click the Options icon. 2. Click Password . 3. Perform one of the following actions: • To use a smart card and your device password to unlock your device, set the User Authenticator field to Smart Card . • To use your connected smart card reader (even if the smart card is not inserted) and your device password to unlock your device, set the User Authenticator field to Proximity . Set the Prompt for Device Password field to Yes. 4. Press the Menu key. 5. Click Save. Import a certificate from a smart card 1. On the Home screen or in a folder, click the Options icon. 2. Click Security Options . 3. Click Advanced Security Options . 4. Click Certificates . 5. Press the Menu key. 6. Click Import Smart Card Certs . 7. Type your smart card password. 8. Select the check box beside a certificate. 9. Click OK. 10. Type your key store password. 11. Click OK. Lock your device when you remove your smart card from your smart card reader 1. On the Home screen or in a folder, click the Options icon. 2. Click Password . 3. If necessary, change the User Authenticator field to Smart card . 4. Change the Lock On Card Removal field to Enabled . 5. Press the Menu key. 6. Click Save.User GuideSecurity298