The Symbian platform provides the ability to validate and manage X.509 certificates. This ability is integrated into the software installation process to provide Secure Software Install (SWI) with the functionality of performing certificate checking at installation time. During installation, SWI checks whether the certificates associated with the application to be installed have been revoked. It performs this check by using Online Certificate Status Protocol (OCSP).
You can configure SWI to enable or disable the revocation status check of certificates. In addition, SWI can also be configured to supply the OCSP client with a default Uniform Resource Identifier (URI) for the OCSP server.
You can configure SWI to enable or disable the revocation status check of certificates. In addition, SWI can also be configured to supply the OCSP client with a default Uniform Resource Identifier (URI) for the OCSP server.
SWI validates the certificate in the install file. As part of validation, it carries out revocation check, depending on the setting of the OcspEnabled parameter in the swipolicy.ini file. If the revocation check option is not enabled, a warning is displayed giving options to carry out revocation check, to continue without revocation check or to cancel the installation. If the option is enabled, all certificates in the chain except the root are checked.
Note: For details on how certificates are validated, see Certificate Validation in PKIX.
The results of revocation check decide whether the application can be installed. The following are the scenarios associated with the certificate revocation check:
If the OCSP client indicates that no certificates are revoked and the operation completes successfully with no errors or warnings, the software can be installed.
If OCSP indicates that any of the certificates is revoked or if the signature on the OCSP response is invalid, a security error is issued and the software cannot be installed.
If the revocation status of a certificate cannot be determined (because of reasons like lack of network access or OCSP responder error), SWI behaves as if the software were unsigned. The setting of the AllowUnsigned parameter in the swipolicy.ini file determines whether the unsigned software can be installed or not. If the parameter value is true, SWI issues a warning before installing but allows installation of the software. Otherwise it issues an error and does not allow installation.
Note: For details of the various parameters in swipolicy.ini, see Secure Software Install Reference.