SSL Cert Vendors

Solution 1:

You're pretty much up the creek without a paddle. Verisign used to be the safest vendor to use. These days Thawte is safe as well.

Here's one of the few handset specifications in English here: http://communaute.imode.fr/pages/13/i-mode_Handset_specification_N343i.pdf

Its a 2005 model - but shows in the specs the SSL providers supported. The newer models do support more providers, but better to be safe than sorry.

The only other way would be allow the site over http and for the http version restrict it to the ip range for mobiles from Docomo, AU, Softbank, Willcom and E-Mobile. Somewhat of a security hole and not something I'd recommend - but I guess an option depending on the content. For the IP ranges - you'll probably have to get your Japanese office to do some googling or contact the companies. I know they used to be available.

Solution 2:

Typically if the SSL vendor signs your certificate with an intermediate cert, they provide you the intermediate cert to install on your server as the CA cert. The intermediate cert should then be signed by the cert that is installed in the browser. Did you not install the intermediate certificate?

Solution 3:

Each phone has some sort of webbrowser and that browser has a certificate store but usually there is no way to import certs permanently into those browsers. I'd guess that you probably need to figure out how to host the proper cert on your site so that the cell phone can download and TEMPORARILY install the cert chain (for the current session) before it starts the web transaction with your site.

Please dont mark me down for this. Im just trying to help.