Certificates
There are three kinds of certificates:
Server certificates—Used by the device to create a connection with improved
security to the content server. The device receives the server certificate from the
service provider before the connection is established, and its validity is checked
using the authority certificates saved in the device. Server certificates are not
saved.
The security indicator
is displayed during a connection if the data
transmission between the device and the content server is encrypted.
The security icon does not indicate that the data transmission between the
gateway and the content server [or place where the requested resource is stored]
is secure. The service provider secures the data transmission between the gateway
and the content server.
Authority certificates—Used by some services, such as banking services, for
checking the validity of other certificates. Authority certificates can either be
119
Copyright © 2005 Nokia. All rights reserved.
saved in the security module by the service provider, or they can be downloaded
from the network if the service supports the use of authority certificates.
User certificates—Issued to users by a Certifying Authority. User certificates are
required [for example, to create a digital signature], and they associate the user
with a specific private key on a security module.
Note: Even if the use of certificates makes the risks involved in remote
connections and software installation considerably smaller, they must
be used correctly in order to benefit from increased security. The
existence of a certificate does not offer any protection by itself; the
certificate manager must contain correct, authentic, or trusted
certificates for increased security to be available. Certificates have a
restricted lifetime. If
Certificate invalid according to phone's date
or
User certificate not valid yet
is shown even if the certificate should be
valid, check that the current date and time in your device are correct.
Before changing any certificate settings, you must make sure that you really trust
the owner of the certificate and that the certificate really belongs to the listed
owner.