Let's clarify 'self-signed' as 'Internal Root CA' or 'Enterprise Root CA', as all Root CA certificates are self-signed, but just using 'self-signed' can imply 'self-signed EAP-TLS certificate', which a company worried about security will not consider.

So, what was the supposed strategy for supporting 'Enterprise Root CA certificates'?

Unfortunately, *all* Nokia devices have suffered from this problem, since E61 or before. E72 is still a mission, because the error messages are useless (no 'untrusted certificate' error, no details from the cert presented, nothing, just 'authentication failed', you can only figure it out by noticing that you didn't enter your password yet ...).

After MacOS/iOS, the second easiest to set up IMHO was Maemo (N900), then Android, then desktop Linux (depending on the distro), then Windows 7, then Vista, then Symbian, finally Windows XP.