BlackBerry Bold 9650 - Browser security

background image

Browser security

About TLS

The BlackBerry® Browser configuration is designed to use TLS or SSL to encrypt data that your device sends or receives over the

Internet through the BlackBerry® Enterprise Server. Communication between your device and the BlackBerry Enterprise Server

is encrypted using Triple DES. Communication between the BlackBerry Enterprise Server and content servers is encrypted using

SSL or TLS. To increase security, you can set up TLS for HTTP connections between your device and the BlackBerry Enterprise

Server and use Triple DES encryption for all other communication between your device and the BlackBerry Enterprise Server.

User Guide

Browser

154

background image

TLS options

Option

Description

Permit SSL 3.0

Specify whether your browser accepts SSL connections. If you do not select this
option, your browser allows only TLS connections.

Encryption Strength

Specify whether your browser only accepts and sends data that is encrypted using
128-bit encryption. To accept and send only data that is encrypted using 128-bit
encryption, change this field to Strong Only. To accept and send data that is
encrypted using 128-bit encryption or 56-bit encryption, change this field to Allow
Weak
.

Digest Strength

Specify whether your browser accepts data with weak digest algorithms or accepts
only data with strong digest algorithms. The stronger the digest algorithm is, the
more secure your browsing experience is. To accept data with weak digest
algorithms, change this field to Allow Weak. To accept only data with strong digest
algorithms, change this field to Strong Only. To be prompted to accept data with
weak digest algorithms, change this field to Prompt. Depending on the options that
your administrator sets, you might not be able to change this option.

Manage browser security

1. On the Home screen or in a folder, click the Options icon.
2. Click Security > Advanced Security Settings > TLS.
3. Set the security options.
4. Press the

key > Save.

Add a trusted content server

If your email account uses a BlackBerry® Enterprise Server, you can add content servers to your list of trusted content servers
to accelerate the authentication process when you are authenticating with a content server.
1. On the Home screen or in a folder, click the Options icon.
2. Click Security > Advanced Security Settings > TLS.
3. Highlight the Trust Hosts field.
4. Press the

key > Add Host.

5. Type the web address for the content server.
6. Click OK.
7. Press the

key > Save.

User Guide

Browser

155

background image

Add or change a web site that is associated with a certificate

To access some web sites, you might need to provide an authentication certificate. After you provide a certificate to a web site,
the web site and the associated certificate are automatically added to the Host/Certificate Mappings list in your TLS options.
You can manually add or change a web site that is associated with a certificate.
1. On the Home screen or in a folder, click the Options icon.
2. Click Security > Advanced Security Settings > TLS.

• To manually associate a web site with a certificate, highlight the Host/Certificate Mappings field. Press the

key >

Add Host. In the Host Name field, type the web site name. In the Certificate field, select the certificate that is

associated with the web site. Click OK.

• To change a web site that is associated with a certificate, in the Host/Certificate Mappings list, highlight an item. Press

the

key > Edit. Change the certificate. Click OK.

3. Press the

key > Save.