Issue/Introduction:
This article describes the enrollment of a BlackBerry device with PGP Universal Server.
Resolution:
The PGP Support Package for BlackBerry should be installed on the BlackBerry device before enrolling with PGP Universal Server. The users PGP credentials (Username and Passphrase) or users email address can be used to enroll the user with PGP Universal Server from the BlackBerry device. You can specify how the user must authenticate with PGP Universal Server using the PGP Universal Enrollment Method or policy.
After installation of The PGP Support package the following should occur by default :
- The BlackBerry device prompts the user to enroll with PGP Universal Server when the user tries to send a message from the BlackBerry device and when the BlackBerry device resets.
- An menu option “Enroll with PGP Universal Server” appears on the PGP options screen.
When the user enrolls and authenticates with PGP Universal Server from the BlackBerry device, the BlackBerry device retrieves the following items from the PGP Universal Server over the wireless network:
- PGP keys for the user
- Updates the email policy of PGP Universal Server
- PGP keys for recipients, when the user sends a PGP protected message
The BlackBerry device also caches the email policy of PGP Universal Server. The PGP keys and credentials are stored in the BlackBerry device memory. On restart of the BlackBerry device the cached credentials authenticate the BlackBerry device to the PGP Universal Server automatically.
After enrollment with the PGP Universal Server, the user can download PGP keys to the BlackBerry device and verify the status of the PGP keys. The BlackBerry device and PGP Universal Server uses a LDAP search for retrieval of the PGP keys. The BlackBerry device connects to PGP Universal Server each time the user sends or receives a PGP protected message on the BlackBerry device and so is with the BES server.
Applies To
PGP Support Package for BlackBerry
BlackBerry device
PGP Universal Server
BES server