Blackberry Curve 9310, 9315, 9320 User Guide
Have a look at the manual Blackberry Curve 9310, 9315, 9320 User Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 57 Blackberry manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Connection options for LDAP-enabled servers OptionDescriptionFriendly NameType a display name for the server.Server NameType the network address of the server.Base QueryType the base query information for the server using X.509 certificate syntax (for example, o=test.rim.net).PortType the port number for your organization’s network. The default port number is 389.Authentication TypeSpecify whether you must log in to the server.Connection TypeSpecify whether your BlackBerry smartphone uses an SSL connection or a TLS connection to connect to the server. Send connection information for a certificate server 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Advanced Security Settings > Certificate Servers. 3.Highlight a certificate server. 4.Press the key > Email Server or PIN Server. Key store About the key store The key store on your BlackBerry smartphone might store the following items: •Personal certificates or PGP keys (public and private key pairs) •Certificates that you download using a certification authority profile or the BlackBerry Desktop Software •Root certificates that are included in the BlackBerry Desktop Software •Certificates that you download from an LDAP-enabled server or DSML-enabled server •PGP public keys that you download from an LDAP-enabled server •Certificates or PGP public keys that you import from your smartphone or a media card •Certificates or PGP public keys that you add from a message User GuideSecurity 321
To access items in the key store, you must enter a key store password. If you exceed the number of allowed password attempts, all your smartphone data is deleted. Research In Motion recommends that you regularly create and save a backup file on your computer, especially before you update any software. Maintaining a current backup file on your computer might allow you to recover smartphone data if your smartphone is lost, stolen, or corrupted by an unforeseen issue. Change the key store password 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Advanced Security Settings > Key Stores. 3.Press the key > Change Key Store Password. Synchronize the key store password with the smartphone password If you synchronize the key store password with your BlackBerry smartphone password, when you change your smartphone password, the key store password changes to match it automatically. 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Advanced Security Settings > Key Stores. 3.Change the Use Device Password as Key Store Password field to Yes. 4.Press the key > Save. Change when your smartphone deletes the key store password 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Advanced Security Settings > Key Stores. 3.Change the Key Store Password Timeout field. 4.Press the key > Save. To access private keys after your BlackBerry smartphone deletes the key store password, you must type your key store password. Add contacts automatically when you add certificates or PGP keys to the key store You can set your BlackBerry smartphone to add a contact to your contact list using information from a certificate or PGP key in your key store. For example, if you add a coworker's public certificate to your key store, your smartphone can automatically create a contact entry with that person's name, organization, phone number, and address. 1.On the home screen or in a folder, click the Options icon. User GuideSecurity 322
2.Click Security > Advanced Security Settings > Key Stores. 3.Select the Add Certificate Email to Contacts checkbox. 4.Press the key > Save. Change the service that your smartphone uses to download certificates Depending on your organization, you might not be able to change the service that your BlackBerry smartphone uses to download certificates. For more information, contact your administrator. 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Advanced Security Settings > Key Stores. 3.Change the Certificate Service field. 4.Press the key > Save. Turn off automatic backup and restore of key store data By default, items in the key store on your BlackBerry smartphone are backed up or restored when you back up or restore your smartphone data. For security reasons, if you don't want to back up your private key to your computer or restore your private key from your computer, you can turn off automatic backup and restore of key store data. 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Advanced Security Settings > Key Stores. 3.Clear the Allow Key Store Backup/Restore checkbox. 4.Press the key > Save. To turn on automatic backup and restore of key store data, select the Allow Key Store Backup/Restore checkbox. Change the refresh rate for certificate revocation lists 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Advanced Security Settings > Key Stores. 3.In the Certificate Status section, change the Expires After field. 4.Press the key > Save. Your BlackBerry smartphone downloads a new revocation status automatically when your smartphone uses a key store item with a status that is older than the time limit that you set. Reject certificate revocation lists from unverified CRL servers 1.On the home screen or in a folder, click the Options icon. User GuideSecurity 323
2.Click Security > Advanced Security Settings > Key Stores. 3.Clear the Accept Unverified CRLs checkbox. 4.Press the key > Save. Your BlackBerry smartphone rejects certificate revocation lists from CRL servers that the BlackBerry MDS Connection Service can't verify. Smart cards About using a smart card with your smartphone Smart cards store certificates and private keys. You can use a smart card reader to import certificates from a smart card to the key store on your BlackBerry smartphone, but you can't import private keys. As a result, private key operations such as signing and decryption use the smart card, and public key operations such as verification and encryption use the public certificates on your smartphone. If you use a smart card certificate to authenticate with your smartphone, after you connect your smart card reader to your smartphone, your smartphone requests authentication from the smart card each time that you unlock your smartphone. You can install multiple smart card drivers on your smartphone, including drivers for microSD smart cards, but you can only authenticate to one smart card at a time. If you are authenticating using a microSD smart card and you want to transfer media files between your microSD smart card and your computer, you must temporarily turn off two-factor authentication or select a different authentication option. If the S/MIME Support Package for BlackBerry smartphones is installed on your smartphone, you can use smart card certificates to send S/MIME-protected messages. Turn on two-factor authentication Before you begin: To perform this task, you must set a password for your BlackBerry smartphone and have the smart card password that you received with your smart card. 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Password. •To use a smart card and your smartphone password to unlock your smartphone, set the Authentication Type field to Smart Card. •To use your connected smart card reader (even if the smart card is not inserted) and your smartphone password to unlock your smartphone, set the Authentication Type field to Proximity. Select the Prompt for Device Password checkbox. 3.Press the key > Save. User GuideSecurity 324
Import a certificate from a smart card 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Advanced Security Settings > Certificates. 3.Press the key > Import Smart Card Certs. 4.Enter your smart card password. 5.Select the checkbox beside a certificate. 6.Click OK. 7.Enter your key store password. 8.Click OK. Lock your smartphone when you remove your smart card from your smart card reader 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Password. 3.If necessary, change the User Authenticator field to Smart Card. 4.Select the Lock On Card Removal checkbox. 5.Press the key > Save. Related information I can't unlock my smartphone using my smart card, 332 About smart password entry If you use advanced authentication and your BlackBerry smartphone password or smart card password is numeric, you might be able to use smart password entry in some password fields. When smart password entry is turned on, your smartphone is designed to remember the format of a password that you type in a password field. When you type the password again, your smartphone applies a smart password filter to the password field. If the password is numeric, a 123 indicator appears beside the password field and you do not have to press the key to type numbers. If the password is alphanumeric, an ABC indicator appears beside the password field. To use smart password entry, advanced authentication must be turned on and the correct smart card driver and smart card reader must be installed on your smartphone. Turn off smart password entry Before you begin: To perform this task, you must be using a smart card and a password to unlock your BlackBerry smartphone. User GuideSecurity 325
You can turn off smart password entry to reduce the chance that someone might guess your smartphone password or smart card password based on the smart password filter that your smartphone applies to password fields. 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Password. 3.If necessary, change the User Authenticator field to Smart Card. 4.Clear the Smart Password Entry checkbox. 5.Press the key > Save. To turn on smart password entry again, check the Smart Password Entry checkbox. Turn off notification for smart card connections 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Smart Card. 3.Clear the LED Session Indicator checkbox. 4.Press the key > Save. To turn on notification for smart card connections, select the LED Session Indicator checkbox. Prerequisites: Using authentication certificates •Your BlackBerry smartphone must have the correct smart card driver and smart card reader driver installed. •You must have imported a certificate from your smart card that you can use for signing and verification. •You must turn on advanced authentication. •You must have set a smartphone password. •You must have the smart card password that you received with your smart card. Use a certificate to authenticate your smart card Before you begin: To perform this task, you must be using a smart card and a password to unlock your BlackBerry smartphone. If you use a certificate to authenticate your smart card, the certificate authenticates your smart card whenever you use your smart card to unlock your smartphone. 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Password. 3.If necessary, change the User Authenticator field to Smart card. 4.Change the Authentication Certificate field. 5.Press the key > Save. User GuideSecurity 326
To stop using a certificate to authenticate your smart card, change the Authentication Certificate field to None. Check the status of your authentication certificate automatically Before you begin: To perform this task, you must be using a smart card and a password to unlock your BlackBerry smartphone. 1.On the home screen or in a folder, click the Options icon. 2.Click Password. 3.If necessary, change the User Authenticator field to Smart Card. 4.Change the Certificate Status Check field. 5.Press the key > Save. If your smartphone checks the status of your authentication certificate and finds that it is revoked or expired, your smartphone locks. Store the passphrase for your smart card on your smartphone 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Smart Card. 3.Select the PIN Caching checkbox. 4.Press the key > Save. Your BlackBerry smartphone stores the passphrase for the same length of time as it stores your key store password. VPN settings Depending on the options that your administrator has set for you, this feature might not be supported. About VPN profiles A VPN profile contains the information that you require to log in to your organization's network over VPN. Depending on your organization, your adminstrator might add a VPN profile to your BlackBerry smartphone automatically and you might have more than one VPN profile on your smartphone. For more information about VPN profiles, contact your administrator. About software tokens You might need a software token to log in to a VPN. A software token includes a token code that your BlackBerry smartphone regenerates periodically and a PIN. If you use a software token to log in to a VPN, the software token must be on your smartphone and the software token information that appears in the VPN profile must be correct. For more information about software tokens, contact your administrator. User GuideSecurity 327
View IT policy rules that are set for your smartphone If your BlackBerry smartphone is associated with a BlackBerry Enterprise Server, your administrator might add IT policy rules that determine which features and settings are available on your smartphone. For example, your administrator might add an IT policy rule to your smartphone that requires you to use a password. 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Security Status Information > View IT Policy > IT Policy Details. Verify security software manually Security self-tests are designed to verify that security software is implemented correctly on your BlackBerry smartphone. The tests should run automatically after you restart your smartphone, but you can also verify security software manually. 1.On the home screen or in a folder, click the Options icon. 2.Click Security > Security Status Information. 3.Press the key > Verify Security Software. Third-party application control About permissions and trust status for third-party applications You or your administrator can set permissions that control how third-party applications on your BlackBerry smartphone interact with the other applications on your smartphone. For example, you can control whether third-party applications can access data or the Internet, make calls, or track your location. Some applications require specific permissions to work. If you have added a third-party application to your smartphone, your smartphone is designed to prevent the application from sending or receiving data without your knowledge. The first time that you open a third-party application, you might be prompted to trust the application or to set permissions for it. If you trust the application, your smartphone sets most permissions for the application to Allow. You can change the permissions for a specific application or all applications in the smartphone options. Set permissions for a third-party application Note: Changing permissions for third-party applications can significantly affect the operation of applications on your BlackBerry smartphone. For more information about how changing these permissions might affect the operation of the applications on your smartphone, contact your wireless service provider or administrator. 1.On the home screen or in a folder, click the Options icon. 2.Click Device > Application Management. User GuideSecurity 328
• To set permissions for a specific third-party application, highlight the application. Press the key > Edit Permissions . • To set permissions for all third-party applications, press the key > Edit Default Permissions. 3.In the Connections, Interactions, or User Data section, press the key > Expand. 4.Change the permission fields. 5.Press the key > Save. Related information Interaction permissions for third-party applications, 330 Data permissions for third-party applications, 331 Reset connection permissions for third-party applications 1.On the home screen or in a folder, click the Options icon. 2.Click Device > Application Management. 3.Press the key > Edit Default Permissions. 4.Press the key > Reset All Firewall Prompts. 5.Press the key > Apply Defaults to All. About direct Internet connections for third-party applications Some third-party applications that you add to your BlackBerry smartphone might require a direct TCP or HTTP connection to the Internet. For example, a stock price application might need to connect to the Internet to retrieve the latest stock prices. You might have to set the APN that the third-party application uses for this connection. Set up a direct Internet connection for a third-party application To get the user name and password for the APN, contact your wireless service provider. 1.On the home screen or in a folder, click the Options icon. 2.Click Device > Advanced System Settings > TCP IP. 3.Type the APN information. 4.Press the key > Save. Turn on safe mode Before you begin: When you start your BlackBerry smartphone, you can turn on safe mode to prevent third-party applications from running automatically. This safe mode enables you to troubleshoot or remove any unwanted applications. User GuideSecurity 329
1.Remove and reinsert the battery.2.When the red LED light goes out, press and hold the key as the smartphone is loading. 3.When the dialog appears, click OK. When safe mode is on, a safe mode indicator appears at the top of the home screen. To turn off safe mode, repeat step 1. Turn off a prompt for a third-party application connection 1.On the home screen or in a folder, click the Options icon. 2.Click Device > Application Management. 3.Highlight a third-party application. 4.Press the key > Edit Permissions > Prompt Exceptions. •To allow the application to connect to a specific location or resource without displaying a prompt, click Add Allow. Specify a protocol and, if necessary, the domain. •To prevent the application from connecting to a specific location or resource without displaying a prompt, click Add Deny. Specify a protocol and, if necessary, the domain. 5.Press the key > Save. Interaction permissions for third-party applications PermissionDescriptionCross Application CommunicationSpecify whether third-party applications can communicate and share data with other applications on your BlackBerry smartphone. Device SettingsSpecify whether third-party applications can turn on or turn off your smartphone or change smartphone options, such as display options.MediaSpecify whether third-party applications can access media files on your smartphone.Application ManagementSpecify whether third-party applications can add or delete application modules or access module information such as an application name or version.ThemesSpecify whether your smartphone can use third-party applications as a source for customized themes.Input SimulationSpecify whether third-party applications can simulate actions, such as pressing a key on your smartphone.User GuideSecurity 330