Since security is based on TLS digital certificates, it is mandatory that server certificates are signed by a known and trusted certificate authority.
If your certificates is signed by a new CA (not present in phone CA list at ship time) or your private CA, you can import the CA's certificate and trust it.
Open Options -> Security Options -> Advanced Security Options -> Certificates
Select the CA root and trust it. PrivateGSM can now connect to your server.
Connect your iPhone to USB and open using iTunes application.
Select your device -> "Apps" section -> scroll down and you will see a list of applications that have a shared folder.
Import a file named "cachain.pem" containing the whole certificate chain, from Certificate Authority Root down to server certificate, including intermediate CA, using PEM format (ASCII format, starting with line "----BEGIN CERTIFICATE----").
Nokia devices accept certificate in DER format (binary format, non ASCII as PEM). Remember to use a DER format certificate, otherwise Nokia phones will not recognize it properly.
You can install a new CA root in three ways:
You will be prompted to trust the certificate. PrivateGSM can now connect to your server.
SSL certificates management is the key point in SECRET security level, so PrivateGSM takes all SSL aspects in great consideration. You can further restrict the constraints on SSL choosing one single CA root, which you trust particularly. This feature gives you some additional advantages:
Import a custom CA (see 9.2.2"Custom CA on iPhone"). Open and edit Sip settings, and set to ON setting named "Enable custom CA root"
Import a custom CA (see 9.2.3 "Custom CA on Nokia"). Open Settings -> Advanced Settings -> TLS Settings and set to ON setting named "Enable custom CA root"