My customer Correos wants to upgrade their WM5 MC70 to WM6.1. Wifi connectivity is made using a Fusion API based application I wrote for them. They use WPA2-enterprise PEAP ms-chap v2 with a server certificate to provide mutual auth. They also have thousands of MC75 WM6.1 BSP 27 with the same fusion application working well for years. MC70 on WM5 have also being working properly. Problem on MC70 WM6.1 (whose Fusion version is 2.57.0.0.018R) is that every time profile is created and then certificate is installed: fapiProfile.NetworkType.Infrastructure.CredentialSettings.dwCredentialFlags = FAPI_REQUIRE_SERVER_CERTIFICATE; two confirmation balloons are displayed for installing the certificate. This does not happen on the other platforms, certificate is always silently installed (fusion 2.61.0.0.11R on MC75 WM6.1BSP27). I also tested WM 6 utility, CertInstaller.exe and it actually shows the very same two balloons, but only on the first installation of the certificate. If it is already installed, CertInstaller.exe is silent. Fusion however keeps on popping up them all the time, no matter if certificate is already installed or not. Is there a way to fix this, i.e, security registry setting, fusion 2.61 upgrade installer for MC70 WM6.1, etcetera? Please note that I also tested: fapiProfile.NetworkType.Infrastructure.CredentialSettings.dwCredentialFlags = FAPI_REQUIRE_SERVER_CERTIFICATE | FAPI_SPECIFY_SERVER_CERTIFICATE_LOCAL; Which works fine only once certificate has been installed -but just because it does not install it again but uses it instead. This is not what my customer needs, because the way it is implemented now is much simpler when upgrading the about-to-expire certs: just overwrite the .cer file with the new one and let Fusion install it when needed.
MC70 WM 6.1 SERVER certificate problem |
1 Replies
I found that this registry entry: HKLM\Security\Policies\Policies\00001017 when set to 144 would do the job ( http://msgoodies.blogspot.com/2005/11/solution-for-adding-own-root.html and http://forum.xda-developers.com/showthread.php?t=373319 ) Yes it does, but not for Fusion: when you click on the .cer file, it does not prompt, when using certinstaller it does not either... but fusion still prompts all the time. I also found that if you "Block" the installation it actually uninstalls the cert (if it was already installed)!! Any suggestion? PD: I installed latest 2.57 Fusion (25R I guess) to no avail.