I often get a call from customer that they are unable to access the MDS part (Applications Installed, Devices Registered, Applications Registered) via the BlackBerry Manager.
When they try to access these options they get a message box with the following content in it:
"You are entering a secure site. The first time you access this site you must install the SSL Certificate. A valid user name and password is required once per session."
At the bottom of this window, you have this message:
"Note: To install certificate:
1. In the Security Alert dialog box, click View Certificate.
2. In the Certificate Information dialog box, click Install Certificate.
3. Complete the Certificate Import Wizard."
Together with a "MDSIS-security" windows, (and sometimes a offer to accept a SSL certificate) where they need to enter a username and a password. The admin password for the MDS Service is accepted, but you see the same MDS error.
This error occoured because the (server.key) key store does not contain the FQDN of the BlackBerry MDS Services for the Apache Tomcat alias. You can quickly check this if you examine the issuer from the ssl certificate in your Internet Explorer. Search for something like "BlackBerry MDS Service" or similar. If you found it, you can delete it (because "BlackBerry MDS Service" doesn´t match the Hostname from your MDS Server) and go directly to the resulution down under.
The server.key key store is located in the following directory:
C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\config\security\
- Browse to the following directory from a command prompt: C:\Program Files\Research In Motion\BlackBerry Enterprise Server\MDSS\bin
- Type the following command from this directory (do not include quotes or brackets): >jks-generate.bat <KEYSTORE_PASSWORD> <FQDN>NOTE: <KEYSTORE_PASSWORD> should be replaced with the keystore password, which (by default) is “changeme”.
NOTE: <FQDN> should be replaced with the Fully Qualified Domain Name of the BlackBerry Enterprise Server BlackBerry MDS Services host, (e.g. blackberry.acme.com)
- If BlackBerry Manager is open, close it.
- In Microsoft Internet Explorer, select Tools > Internet Options.
- On the Content tab, select Certificates.
- Click Trusted Root Certification Authorities.
- Look for any certificates that resemble the computer name or FQDN of the BlackBerry Enterprise Server, or that reference MDS Services (e.g. "BlackBerry MDS Service").
- Remove those certificates.
- Restart the BlackBerry MDS Services Apache Tomcat service.
- Open BlackBerry Manager and install the certificate.
That should solve your problems with the MDS.