×

Discussion Board

Results 1 to 4 of 4
  1. #1
    Registered User
    Join Date
    Apr 2007
    Posts
    8

    Installing a signed application as untrusted

    We have a J2ME application that is signed using Verisign. We can install the application on phones that have the Verisign certificate as a "Trusted Third Party" application. However, the application will not install on phones that do not have the Verisign certificate.

    Is it possible to have the same JAD install as "untrusted" on phones that do not have the required certificate, while installing as "trusted third party" if the phone does have the required certificate?

    Currently we are having to build two different JAD files, signed and unsigned, for phones with and without the verisign certificates, respectively.

    Any suggestions on how to merge these two JAD files into one will be greatly appreciated.

    Thanks
    Sunita

  2. #2
    Nokia Developer Champion
    Join Date
    Apr 2003
    Location
    USA, CA
    Posts
    7,192

    Re: Installing a signed application as untrusted

    You can remove the signature from the JAD file simply by deleting the
    MIDlet-Certificate-X-X
    and
    MIDlet-Jar-RSA-SHA1
    lines

    Also if you do not have any custom attributes in the JAD file, you can also install the MIDlet with JAR file only (as unsigned app)

    Hartti

  3. #3
    Registered User
    Join Date
    Apr 2007
    Posts
    8

    Re: Installing a signed application as untrusted

    Hartti:

    Our application uses the following capabilities:

    Network Access
    Read User Data
    Add Edit User Data

    We know if we install the application as unsigned we can still use these capabilities, however in some cases the user needs to manually change the "Application Access" settings.

    Given the above we would like to do the following using the same JAD file:

    1) The application should install as "Trusted third party" on the phones when Verisign root certificate is present. This will provide the user with a better user experience as he does not have to change any "Application Access" settings manually. -This portion is working fine for us.

    2) When the phone does not have a Verisign root certificate, we would like to have the same signed JAD file install as "Untrusted". In those cases we can prompt the user to change the "Application Access" settings manually or turn off some features of the application.

    Our question is whether is it possible to use the same signed JAD file to install as "Trusted third party" on phones with Verisign Root Certificate, and as "Untrusted" on phones without the certificated.

    Also if you could elaborate on any other alternate ways that will help us find out what root certificates are present in the phone. For example if we know what root certificates are present during OTA install time we can direct the user to choose the right JAD file.

    Thanks
    Sunita

  4. #4
    Nokia Developer Champion
    Join Date
    Apr 2003
    Location
    USA, CA
    Posts
    7,192

    Re: Installing a signed application as untrusted

    Unfortunately you cannot tell to the MIDlet installer to "forget" the certificate on the JAD file. If the corresponding root certificate does not exist on the phone, the installation will fail.

    Hartti

Similar Threads

  1. installing signed midlet
    By piyush.kh in forum Mobile Java General
    Replies: 3
    Last Post: 2007-11-29, 20:31
  2. installing signed midlet
    By piyush.kh in forum Mobile Java General
    Replies: 2
    Last Post: 2007-11-29, 10:51
  3. symbian signed testing problem.
    By anglina in forum Symbian
    Replies: 0
    Last Post: 2007-02-01, 10:15
  4. verisign certificate signed application and 6265 behaviour
    By mmalam1 in forum Mobile Java General
    Replies: 5
    Last Post: 2006-08-17, 20:39
  5. Problems installing application in 7650
    By mirandp in forum Mobile Java General
    Replies: 0
    Last Post: 2002-09-16, 17:10

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •