Knowledgebase: BlackBerry
'Server certificate not trusted' error prevents NotifyLink/NotifySync registration
Posted by Donna DeEulio on 12 February 2010 01:56 PM


 When registering a BlackBerry device against NotifyLink or NotifySync, a dialog appears prompting you to accept a certificate.  This will prevent completion of your registration until you properly accept the certificate.


To Accept the Certificate:

 1.       The prompt states,

“You are attempting to open a secure connection, but the server’s certificate is not trusted.”
Select “Trust Certificate”

  2.       The device prompts for the keystore password.   Enter this password and select OK.

If you do not know this password reference Knowledgebase  article 298:


 3.       Another pop-up error appears:

  “The certificate could not be added to the Trusted Key Store due to IT Policy Restrictions”

Select OK (the only option).

To fix this:

a.       Go  to the BlackBerry Options and select:  Security Options -> Certificates

b.      Locate and highlight the certificate that matches the server address used during registration.

c.       Select Menu and choose Trust

Note:  If you are unable to locate your server address in the list, go to the web access page for your mail server (for example, OWA for Exchange users) in the device browser and accept the certificate prompt that appears when going to the HTTPS address in the web browser. 


Once this has been completed, the certificate is accepted and registration/synchronization should continue to completion. 


If you to see problems after you have successfully accepted the certificate, there may be a BES policy in place on the device that is preventing you from completing the registration.   Please reference Knowledgebase  article 305 for instructions on resolving this issue.