View Source

The certificates settings (<certificates> tag) contains the trusted server certificates. This XML tag can be used either

inside the <settings> tag in a general provisioning file (but outside the </phone-settings> tag)
as an individual XML file whose URL is listed inside <setting-files> tag

The tag contains an attribute with the URL of the certificate file to fetch:

<certificate url="http://some.url/certificate.der" />

Please note that the download of the certificate is delayed after all provisioning xml files have been loaded and processed.

A second variant of this tag is supported, where the content of the certificate file is included as a base64 encoded string:

<certificate type="base64">...</certificate>

The benefit of this variant is, that the certificate is immediately available after processing the line in the provisioning XML. You can get the base64 encoded certificate out of the PEM format, removing the BEGIN / END taglines:

-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----