we have just managed to establish a WLAN connection with an E65 using EAP-TLS. This is working fine.
But after each restart of the device the keystore password has to be entered when establishing the first WLAN connection.
This is a problem for us for 2 reasons:
- It is annoying for the users - they just want to use their phone without entering a password (in case of stolen devices the corresponding user name of the certificate could be deactivated at the Radius server).
- It could be seen as a security risk by CIO. They would like that phones are prepared by an administrator who installs certificates in regular intervals (maybe using the Nokia Intellisync Device Manager). The user should not even know the password and therefore cannot change the certificate store or export certificates.
So the question is, if the password handling of the keystore can be changed, so that the password is mandatory for changes in the keystore or export of certificates, but is not necessary for using a certificate for authentication?
With kind regards from the Old City of Vienna,