I've followed some web guides to sign a midlet for a Nokia N95 but it does not work I dont know where is the error or if it is simply not possible in the way I'm trying to do it, the description of what I've done is:
My phone does not accept the signed midlet with the CA installed the process is:
Sun Wireless Toolkit 2.5 (SWT 2.5) (tested with nokia tools and I find the same problems)
Step 1) Set permissions in midlet to be signed (in jad file)
Step 2) Create a CA certificate with openssl
Step 3) Upload to the phone install and choose permisions for the CA certificate, i set permission on all possibilities, Internet, Aplications and VPN, so I trust for everything in this certificate.
Now the problem (whatever I'm doing wrong starts)
Step 4) Generate certificate signing request.
With SWT 2.5 Sign Midlet Suite application I choose create a new pair, write an alias and I fill the form with OU, Country, etc.
I'm requested about his security domain and choose identified_third_party
Then generate a CSR.
Copy to the linux machine with the generated CA and openssl.
Step 5) Sign the certificate, I have do it with:
openssl x509 -req -days 365 -in CSR_file -CA CA_certificate -CAkey CA_KeyFile -out SignedCertificate -CAserial ./serial
I've tried to do in a different way too:
openssl ca -config ./openssl.cnf -policy policy_anything -out SignedCertificate -infiles CSR_file
And openssl.cnf has some properties like where is CA certificate and keys...
Step 6) Import certificates CA and SignedCertificate in IE.
Step 7) Export SignedCertificate certificate in p7b format choosing the option to export with all certificates in chain inside.
Step 8) Choose in "SWT 2.5 sign midlet suite" import certificate, there are two options import trusted certificate indicating a new alias or replace certificate chain and choose one of the certificates.
The first one can not sign the certificate because no private key is found, choosing the option to replace certificate chain for the alias the CSR was made can sign the Midlet, so I think this is the good one to import the p7b.
Step 9) Sign the Midlet
Step 10) Put in a webserver access from N95 mobile phone and then begin installationd and stops in a Error in certificate.
Where is the problem?