Installing a Root Certificate
To install a root certificate in a Windows Mobile-based device after manufacture you must do the following: first ensure that it is a Base-64 encoded certificate, then place it in a provisioning XML document containing the code required to install the certificate in the appropriate certificate store (in this case ROOT), finally, you must send the provisioning XML document to the device.
To install a root certificate on a Windows Mobile-based device
- Convert the root certificate (.cer) to a Base-64 Encoded x.509 certificate. For more information, see Converting a Root Certificate.
- Create the provisioning XML to install the certificate in the appropriate certificate store on the device. For more information, see Creating a Provisioning XML Document For The Root Certificate or, if you are provisioning through an DM server, see Creating a Provisioning XML Document For The Root Certificate (OMA DM)
- Deliver the certificate to the device.
After you create the provisioning file you have the following options for delivering the file to a Windows Mobile-based device:
You can send the provisioning file over the air using an OMA DM Server. For more information see Provisioning OTA Through an OMA DM Server.
You can wrap the provisioning file in a .cpf file and send it using one of these delivery methods: Internet Explorer Mobile, ActiveSync, SI/SL, or Storage Card. For more information see Creating a .cpf File and Delivering Applications.
Note Microsoft recommends that you package and sign provisioning documents in the CAB Provisioning Format (.cpf). An XML provisioning document may not install on a Windows Mobile-based device if the file containing the document is not signed. For more information about a .cpf file, see Cab Provisioning Format (CPF) File
You can send the provisioning file over-the-air using an OMA Client Provisioning (formerly WAP) server. For more information see Provisioning OTA Through a WAP Push.
Send Feedback on this topic to the authors