Import PEM certificate into a x509 file for nokia.


I have a Nokia N80ie, and use it the fetch my e-mail on it. On my server I use a self-signed certificate, which is not known by the Nokia, so everytime I have to permit access :-(

So the first step is to fetch public certificate with openssl:

$ openssl s_client -showcerts -connect ssl-host:443

CONNECTED(00000003)
depth=0 /C=NL/ST=Zuid-Holland/L=Alblasserdam/O=FiWeb Communications/OU=NOC/CN=morpheus.adslweb.net/[email protected]
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=NL/ST=Zuid-Holland/L=Alblasserdam/O=FiWeb Communications/OU=NOC/CN=morpheus.adslweb.net/[email protected]
verify return:1
---
Certificate chain
0 s:/C=NL/ST=Zuid-Holland/L=Alblasserdam/O=FiWeb Communications/OU=NOC/CN=morpheus.adslweb.net/[email protected]
i:/C=NL/ST=Zuid-Holland/L=Alblasserdam/O=FiWeb Communications/OU=NOC/CN=morpheus.adslweb.net/[email protected]
-----BEGIN CERTIFICATE-----
MIIE6zCCA9OgAwIBAgIJAI4bJ/U0bPeqMA0GCSqGSIb3DQEBBAUAMIGpMQswCQYD
VQQGEwJOTDEVMBMGA1UECBMMWnVpZC1Ib2xsYW5kMRUwEwYDVQQHEwxBbGJsYXN
[...snip...]

Next step is to copy out the parts between:

-----BEGIN CERTIFICATE-----

end the

-----END CERTIFICATE-----

blocks (including the header and footer), so you have an ascii-file like this:

Now we have to convert the file into a x509 crt file (the filename of the certificate above is example.pem):

$ openssl x509 -in example.pem -inform PEM -out example.crt -outform DER

Now you have a crt file, you can now use bluetooth to transfer it to your Nokia. Your Nokia will ask you if you want to install the certificate, because it might be not valid.. but you just can continue on installing the certificate.