This is what I did to use my CA with GMS.

These steps are a bit different from those describe at

- Copy your mycompagny-CA.cer in c:
- Import it in cacerts.

>cd C:Program FilesIntellisync Mobile Suitejrebin
>keytool -keystore "C:Program FilesIntellisync Mobile

Suitejrelibsecuritycacerts" -alias gms -import -file c:mycompagny-CA.cer

The default password for the cacerts keystore is changeit. (you should
follow this advice ;-) ).
You can check that all is ok :

>keytool -list -keystore "C:Program FilesIntellisync Mobile

Suitejrelibsecuritycacerts" –v

- Generate a keystore.

> keytool -genkey -alias gmsalias -keyalg RSA -keystore gmskey.key

- Create a cert request

> keytool -certreq -alias gmsalias -file c:gmscert.csr -keystore gmskey.key

- Issue a certificate with Console One (see link above)
- Import the certificate

> keytool -import -trustcacerts -alias gmsalias -file c:gmscert.der -keystore


- You can check it
> Keytool –list –keystore gmskey –v

Then follow the TID from step 21.

Now, if you install your mycompagny-CA.cer on a workstation and then use
Internet Explorer to browse to your site (
then no security warning will appear.