Unlock MIDlet: Incorrect SSL server certificate

[Alex_Polt]

Just tried today to unlock Nokia 6212 and got the following error: Incorect SSL server certeficate.
Could it be that Nokia server certificate has expired or is it something else.

[dertew]

I also encountered this problem recently. First few attempts to unlock was failed but with Errors likes Service Denied, HTTP Post Failed but finally I was stuck with this error permanently.
Any one have any solution to this?
Please advise Thanks.

[traud]

I did not try, but what happens if you change the date/time setting to 2009?

[minisystem]

That doesn't help - Nokia has changed server SSL certificate and Unlock midlet contains specific certificate it expects from server.

[minisystem]

OK, solved by editing expected certificate info...

[snic]

I'm having the same problem...what did you change...something inside the system.properties file in the midlet?

[limcy]

@minisystem: Do you mind sharing the details on how to do so? Which class exactly that you modify? Do you use java decompiler? Thanks...

[minisystem]

Constant #380 in p.class, directly with class editor (decompiler doesn't work).

[limcy]

@minisystem: Thanks for the lead. CMIIW: If you change that, you'll need to also re-sign the jar, right? Mind sharing the values you assigned to the constant? Any modifications on the certificate in the jad?

[minisystem]

Yes, I've re-signed the jar (with my own certificate). I'm not sure if it's necessary, but I suppose it is (to access SE).
You don't need to change .jad, that value isn't used. I've changed the constant to

Code:

C=US;O=VeriSign, Inc.;OU=VeriSign Trust Network;OU=Terms of use at https://www.verisign.com/rpa (c)10;CN=VeriSign Class 3 International Server CA - G3

I hope this answers all questions you might have.

[limcy]

@minisystem: I've changed the variable to the value you provided. I put the modified class file back into the .jar file. Copy the .jar file to the phone. Then tried to run it on the phone. It gave me a 'No Card Connection' error.

If I also copy the .jad file (with the MIDlet-Jar-Size parameter adjusted according to the size of the .jar) then a 'Certificate is not on the Phone or SIM'.
Then, I tried to remove the MIDlet-Jar-RSA-SHA1 and MIDlet-Certificate-1-1 lines in the .jad file, I got the 'No Card Connection' error once again.
Looking at such behavior, it seems that the certificate in the .jad file matters. It is strange that you're able to run the application without .jad file involvement.
Are you running the application on Nokia 6131 or different phone? Mine is 6131. Anyhow, if it is not too much, I'm wondering if you're willing to share your modified
.jad and .jar files? (I will send you my email address) Thanks.

Yes, I've re-signed the jar (with my own certificate). I'm not sure if it's necessary, but I suppose it is (to access SE).
You don't need to change .jad, that value isn't used. I've changed the constant to

Code:

C=US;O=VeriSign, Inc.;OU=VeriSign Trust Network;OU=Terms of use at https://www.verisign.com/rpa (c)10;CN=VeriSign Class 3 International Server CA - G3

I hope this answers all questions you might have.

[retryterty]

Hello,

I am working on Nokia 6212. I have a SIM Card and the unlock midlet.
Unfortunately, I have the incorrect SSL server certificate when I am unlocking the secure element.

I have old keys. Maybe I can sign the midlet like you.
But I don't know how it works.

I have tried to use a software on windowz and sign the file.
Two new files are appeared into the jar file, It is the signature also.

But the Nokia Unlock Midlet, signed, can't be launched. I have a "invalid application" error.

Would you have some idea ?

Thanksfully
A lost student