Well, I did it. (It was damn about time ;))

Special thanks goes to
spddemn at qusers.com.

Here is the easy steps:

1. Download and install Device Security Manager Powertoy for Windows Mobile 5.0 from Microsoft. This is a nifty utility to show what security policy is in effect. If you connect your Q to your PC, you’ll see two tier security policy is in effect.

2. Download and copy secpolicies.cab to your Q (using ActiveSync, Total Commander, or just browse this site via Pocket Internet Explorer). I got this from Telus support, after following a post on qusers.com.

3. Run and install it. This allows you to install third party SSL Root Certs.

4. If you run Device Security Manager Powertoy for Windows Mobile 5.0 now (it is listed in Start – Programs as "Security Configuration Manager", you’ll see now you are using One Tier Prompt. Select Security Off and click Provision. It will install tool.cab to your device and then provision the settings.

If you want to do it the hard way, you can also change registry keys:


to the same effect. Interestingly, on many forums, value for 1017 is set as 090 (hex, originally 080), where as the above tool sets it to 10. Also 1005 is set to DE, where many articles I read sets it to 28. The rest is the same. But right after step 3, I was able to manually edit these keys via Resco Regedit or PHM Regedit (HTC Signed copy)

Yippie, no more