How to Enable PGP on BES12

0 18

PGP (Pretty Good Privacy) is a data encryption and decryption technology that provides cryptographic privacy and authentication for data communications.

BES12 can utilize PGP point to point encryption within an email profile for BlackBerry 10 smartphones running BlackBerry 10 OS version 10.3.1 and later.

Note: PGP keys never synchronize to the BlackBerry smartphone. When BlackBerry smartphone requires the key(s), a call is placed to the Symantec Encryption Management server and the server will parse and deliver the applicable key to the smartphone.

Keys manually imported onto the smartphone using device options Settings\System Settings\Security and Privacy\PGP Keys do not take presidence over the BES12 PGP key distribution and as such, key(s) obtained from the Symantec Encryption Management server will be the ones utilized.

How to Enable PGP on BES12

To enable PGP for point to point encryption service on the BES12 it is necessary to edit an existing mail profile or create a new one and enable the option.

  1. Open Policies and Profiles and listed under Email, click Add an email profile.
  2. Enter the email profile information applicable to the BlackBerry platform, scroll down to the PGP settings.
  3. To enable, select the dropdown box Allow, or Required. An available Disallow option also exists if PGP is explicitly denied in an organization.
  4. In the Symantec Encryption Management Server address input field, specify the FQDN or IP address of the organizations Symantec Encryption Management Server (this will allow BlackBerry 10 OS version 10.3 and later devices to enroll against the PGP server).
  5. Select the dropdown box for Symantec Encryption Management Server enrollment method and select either Email authentication or Microsoft Active Directory Authentication.
  6. These same options can also be changed within an existing Email profile to enable PGP.
  7. Click Add.

The PGP interface SSL certificate is not required but the issuing root and intermediate cert (if necessary) must also be trusted by the BlackBerry 10 smartphone. They can be delivered by way of a  CA certificate profile(s),

Instructions to create the profile are included in the BES12 Administration Guide under Creating CA certificate profiles.  This profile must be assigned to users/devices who will utilize PGP service.

To create a CA Certificate Profile in BES12 UI:

  1. On the menu bar, click Policies and Profiles.
  2. Click (+) beside CA certificate.
  3. Type a unique name and description for the profile.
  4. In the Certificate file field, click Browse to locate the Certificate Authority root certificate.
  5. Specify Browser certificate store and  Enterprise certificate store.
  6. Click Add.

Apply the profile to PGP enabled users on the BES12.

PGP is not currently available in BES12 for iOS, Android or Windows platforms.

[signoff predefined=”Enjoy this?” icon=”users”][/signoff]

Privacy Settings
We use Cookies to give you a better website experience.
We use WooCommerce as a shopping system. For cart and order processing 2 cookies will be stored: woocommerce_cart_hash & woocommerce_items_in_cart. This cookies are strictly necessary and can not be turned off.
Google Analytics
We track anonymized user information to improve our website.
Google Tag Manager
We use Google Tag Manager to monitor our traffic and to help us AB test new features
We use Google AdSense to show online advertisements on our website.

Our Website uses cookies, which help us to improve our site and enables us to deliver the best possible service. By agreeing you accept the use of cookies in accordance with our cookie policy.

Essential SSL