×

Discussion Board

Page 1 of 2 12 LastLast
Results 1 to 15 of 18
  1. #1
    Registered User
    Join Date
    Jan 2007
    Posts
    25

    Question How to install a self-signed J2ME application in a mobile device?

    Hi,
    Before installing a Verisign-signed app., I want to install a self-signed app. in a mobile device. While installing a self-signed application, it shows the correct details of my own certificate but gives error (Certificate error. Contact the application supplier!) when continues to install it in E61.
    I have self-signed the app. using J2ME wireless toolkit.
    So can anyone tell me the solution for how to install a self-signed application in a mobile device?

    Thanks,

  2. #2
    Nokia Developer Expert
    Join Date
    Aug 2007
    Posts
    1,595

    Re: How to install a self-signed J2ME application in a mobile device?

    Hello shreyasbellary,

    unfortunately using self-signed certificate with E61 (=a S60 3rd Edition device) isn't possible.

    This is however possible with S60 2nd Edition devices due to a bug:

    http://wiki.forum.nokia.com/index.ph...es_for_MIDlets


    Regards,
    r2j7

  3. #3
    Nokia Developer Expert
    Join Date
    Aug 2007
    Posts
    1,595

    Re: How to install a self-signed J2ME application in a mobile device?

    More on signing MIDlets:

    http://wiki.forum.nokia.com/index.ph...curity_Domains

    Certificates to sign to trusted 3rd party domain

    If your application passes Java Verified testing, it will be signed with UTI root certificate, which will place your MIDlet to trusted 3rd party domain. Other common certificates placing your MIDlet to trusted 3rd party domain are available from:

    -Thawte
    -Verisign

    Note, that the MIDP specification does not allow new certificates added on the phones to allow signing to trusted 3rd party domain. This is however possible on S60 2nd Edition devices due to incorrect implementation (instructions). Also note, that some operators have implemented so called developer certificates for their devices (Sprint and China Unicom). Consequently, make sure to check the available code-signing CA-certificates (or check this posting).

    Regards,
    r2j7

  4. #4
    Registered User
    Join Date
    Jan 2007
    Posts
    25

    Re: How to install a self-signed J2ME application in a mobile device?

    Hi r2j7,
    Thanks a lot for the very useful reply.

  5. #5
    Registered User
    Join Date
    Jan 2007
    Posts
    25

    Re: How to install a self-signed J2ME application in a mobile device?

    Hi r2j7,
    I copied a security sertificate (.cer) & a CSR (.csr) in Nokia 6680 (S60 2nd Edition device). It goes in Messages->Inbox but I am not getting how to install it. In settings->security->Cert. Mgmt., a list of root certificates is (in Authority in Cert.Mgmt.) Then I think the self-signed certificate should be installed in Personal in Cert.Mgmt. Then you can install your self-signed app.
    So plz tell me how to install it in Nokia 6680.

    Thanks,

  6. #6
    Super Contributor
    Join Date
    Apr 2003
    Location
    USA, CA
    Posts
    7,191

    Re: How to install a self-signed J2ME application in a mobile device?


  7. #7
    Regular Contributor
    Join Date
    Mar 2006
    Posts
    124

    Re: How to install a self-signed J2ME application in a mobile device?

    shreyasbellary,
    You cannot just copy a certificate to the handset and install it. System will not recognize the certificate unless it comes thru proper channel. Ideally, no handset should allow you to install a self-signed cert (with the exception of S60 2ndEd). Please follow the steps in the link hartti provided.

  8. #8
    Registered User
    Join Date
    Jan 2007
    Posts
    25

    Smile Re: How to install a self-signed J2ME application in a mobile device?

    Ok. Thanks..

  9. #9
    Registered User
    Join Date
    Mar 2003
    Posts
    4,105
    shreyasbellary, please have a look at this document which explains how to install certificates in S60.

  10. #10
    Registered User
    Join Date
    Jan 2007
    Posts
    25

    Re: How to install a self-signed J2ME application in a mobile device?

    Hi,

    I m using J2ME wireless toolkit 2.2. I created a .csr file from it & copied in Nokia 6680. but it is resided there in Messages-> Inbox. I m not able to install it. In the previous document(.pdf file), no such .csr file is mentioned but a .p12 file is. & its written there that at the time of saving the certificate, the device asks for a password but in my case, no any password is asked instead the .csr file is saved only but dont know where its saved.
    In an another article (http://browndrf.blogspot.com/2006/06...ed-midlet.html), OpenSSL is used to create a self-signed certificate (a .key, .crt & .cer files). I installed OpenSSL but not able to run its commands. (getting error as OpenSSL is not a valid command)

    So I want to know that is it possible to create & sign a certificate using J2ME wireless toolkit 2.2? (I created a .csr Certificate Signing Request file from that but able to sign the midlet from it means in .jad file, I got MIDlet-Certificate-1-1 & MIDlet-Jar-RSA-SHA1 permissions.)

    waiting for the reply...

    Thanks,
    Last edited by shreyasbellary; 2008-02-07 at 05:52.

  11. #11
    Registered User
    Join Date
    Mar 2003
    Posts
    4,105
    There is no need to install a Certificate Signing Request (.csr) on the phone. Personal Key Certificates (.p12) are not needed for signing a Java MIDlet.

    You have to install a CA-certificate (.cer) in DER (binary) encoding. For example, if you drop your certificate file onto a text editor and the first lines states (‘BEGIN CERTIFICATE’) then you have a certificate in PEM (Base64) format. You have to convert it from PEM to DER. Furthermore, I recommend to install a CA-certificate. Load your certificate in Mozilla Firefox » Menu » Extra » Certificate Manager » Authorities » Import and check in Details » Extension for this.

    If you never created a CA yourself, I guess you use the default demo one which comes with the Sun Wireless Toolkit. You have to export this certificate.

    Then either use Bluetooth with OBEX Push (Send As File…) and not USB, not the memory card, and not OBEX File Transfer (Browse Device…). Alternatively, place your certificate on a web server, configure the MIME media types correctly and then download this file with the web browser of your phone.

    Anyway, signing a MIDlet this way is not much fun as it will be limited to Nokia S60 2nd Edition and Nokia Series 80 2nd Edition devices. Furthermore, a trusted third-party MIDlet does not get that much more rights than an (unsigned) untrusted one.

    If you have further questions, I recommend to have a look at this material, especially its last link.

  12. #12
    Registered User
    Join Date
    Jan 2007
    Posts
    25

    Re: How to install a self-signed J2ME application in a mobile device?

    OK traud. Thanks for the help..

  13. #13
    Registered User
    Join Date
    Jan 2007
    Posts
    25

    Question Re: How to install a self-signed J2ME application in a mobile device?

    what i know abt "ur app. is Verisign certified" means,
    1. if u have a .cer from Verisign, then at the time of app. installation, it will be prompted that 'this app. is trusted'.
    2. u can use restricted APIs.

    I read "http://javablog.co.uk/2007/08/09/how-midlet-signing-is-killing-j2me/"

    I want to know that are there any other meanings/uses of "your J2ME application to be Verisign certified"?

  14. #14
    Registered User
    Join Date
    Mar 2003
    Posts
    4,105
    I do not understand your question. Could you please try again in more detail?

  15. #15
    Registered User
    Join Date
    Jan 2007
    Posts
    25

    Question Re: How to install a self-signed J2ME application in a mobile device?

    ok. I will simplify my question. Please answer my 2 questions.

    1. Tell me the Advantages & the necessity of getting a Verisign Certificate for your J2ME application.

    2. in getting a Verisign Certificate, only you have to provide a .CSR file or anything else?
    After providing all the information & paying their charges, Verisign will give you a .cer file (Security Certificate). Then you have to import that .cer file from J2ME WTK, am I right?

    I read the following link to sign a J2ME application with a certificate.
    " http://www.ai.univ-paris8.fr/~djedi/.../security.html "

    is it correct?
    Last edited by shreyasbellary; 2008-02-18 at 05:32.

Similar Threads

  1. how to connect a J2ME enabled mobile phone to a J2EE application server ?
    By sajid1982 in forum Mobile Java Networking & Messaging & Security
    Replies: 6
    Last Post: 2011-01-10, 17:36
  2. How can use mobile camara as a PC web cam using j2me application?
    By Namdeo in forum Mobile Java Media (Graphics & Sounds)
    Replies: 1
    Last Post: 2007-09-01, 17:13
  3. J2me mp3 playerin mobile device..
    By narendher sharma in forum Mobile Java Tools & SDKs
    Replies: 7
    Last Post: 2007-08-24, 05:13
  4. Bluetooth Security: What exactly is an untrusted device?
    By rahulmcs in forum Bluetooth Technology
    Replies: 1
    Last Post: 2005-12-02, 06:26
  5. Replies: 0
    Last Post: 2005-05-28, 10:20

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
×