Saturday, February 25, 2012

Merge replication and SSL

Hi Readers,

I am currently working on a merge replication scenario. I managed to synchronize some SQL Server 2005 database tables with my SQL Server 2005 Mobile Edition database.

Now I want to focus on security. I know that I want to do basic authentication together with SSL. I used selfssl from the IIS resource kit to produce a certificate for IIS.

How do I install the SSL certificate on the mobile device? Do I need some tools? Do I need to export that certificate and if yes, how do I do that?

Can you give me some general hints on how to solve this, as I am totally stuck and don't know where to start?

Regards
Tobias

Tobias,

Here is what you'll need to do:

1. Get a test certificate from Verisign - this process will generate a .CER file. I have had trouble getting this to work with certificates generated by the IIS Resource Kit, and you can get test certs from Verisign for free. Click on Free SSL Trial Certificate on this site: http://www.verisign.com/products-services/security-services/ssl/index.html

2. Copy the .CER file to the mobile device. Once there, simply tap on the .CER file and PPC2003 and later devices will ask you if you want to install this certificate on the device - say yes.

3. Re-run the SQL Mobile Configure Web Replication wizard on the server and provide the information about your SSL cert - specify that SSL is required and you wish to use Basic Auth.

4. In your mobile app, be sure to change the replication url from http to https and provide the InternetUser and InternetPassword properties to get through Basic Auth.

First test that you can get to https://{serverIP}/{virt dir}/sqlcesa30.dll in Pocket IE on your device - of course you will be prompted for Basic Auth credentials - but this will verify that your transport and the SSL encryption on that transport are working. Then transition to testing your actual mobile device.

-Darren


I want to add one more thing to this - it would appear that Verisign SSL certificates on Windows Mobile 5 devices are problematic for merge replication between SQL Mobile and SQL Server 2005. Certificates from Thawte http://www.thawte.com/ work fine. I am pursuing a better explanation as to why this is and will keep everyone posted. This is only true for Windows Mobile 5 devices - Verisign certs work just fine with merge replication on PPC2003 devices.

Darren
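
Step 4 of the first reply, as an added example that is not code from the original thread: a .NET Compact Framework subscriber that refuses to send Basic Auth credentials unless the replication URL is https. In System.Data.SqlServerCe the Basic Auth user name is set through the `InternetLogin` property; the server name, virtual directory, publisher, database, publication, subscriber and .sdf path are placeholder assumptions.

```csharp
using System;
using System.Data.SqlServerCe;
using System.Diagnostics;

public static class SecureMergeSync
{
    // Placeholder URL (assumption), not a value from the thread.
    const string AgentUrl = "https://server.example.com/sqlmobile/sqlcesa30.dll";

    public static void Synchronize(string internetLogin, string internetPassword)
    {
        // Basic Auth is only base64-encoded, so never send it over plain http.
        if (new Uri(AgentUrl).Scheme != "https")
            throw new InvalidOperationException("Replication URL must use https.");

        SqlCeReplication repl = new SqlCeReplication();
        try
        {
            repl.InternetUrl = AgentUrl;
            repl.InternetLogin = internetLogin;       // Basic Auth user checked by IIS
            repl.InternetPassword = internetPassword; // supplied at run time, not hard-coded

            // Placeholder publication details (assumptions).
            repl.Publisher = "PUBLISHER01";
            repl.PublisherDatabase = "SalesDb";
            repl.Publication = "SalesPub";
            // Connect to the publisher as the Windows account IIS authenticated.
            repl.PublisherSecurityMode = SecurityType.NTAuthentication;
            repl.Subscriber = "Device01";
            repl.SubscriberConnectionString = @"Data Source=\My Documents\sales.sdf";

            repl.Synchronize();
        }
        catch (SqlCeException ex)
        {
            // An untrusted server certificate or rejected credentials surface here.
            // Record the details and fail; do not retry over http.
            Debug.WriteLine(String.Format("Sync failed ({0}): {1}",
                                          ex.NativeError, ex.Message));
            throw;
        }
        finally
        {
            repl.Dispose();
        }
    }
}
```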
