×

Discussion Board

Results 1 to 4 of 4

Hybrid View

  1. #1
    Registered User
    Join Date
    Nov 2008
    Posts
    2

    Question Signing a third party JAR/JAD application

    Please bear with me on this - I am tired of searching, many frustrating attempts, and failures...lol!

    I have a Nokia 6500 Slide. I want to use a program called MapNav (link) - but every time it wants to read/write (not sure which) to the memory card, it has to ask for my permission.

    Now when I'm on the move with a map which can consist of upto 2-8 tiles at a time - you can see why I want to sort the problem out!

    So after questioning this on the MapNav forums, they pretty much said they won't be paying for a certificate, and if we want to sign the application then that's upto the end user. Which I think is a very bad way to treat an end user - but it's free, and I'm always up for a challenge!

    Now I think I made my own certificate. God knows which method I've used, my brain is fried! But when I transfer the JAD and JAR files to the phone, I get the beloved message "Certificate not on phone or sim". Now this is frustrating me - I can't find a way to do this.

    Now what I want to know is this:[list][*]Where can I download a certificate which is already on my phone, at no cost? It seems silly paying paying for something that is sat on my phone, but I can't get at it![*]Under Windows, what's the simplest and least frustrating way to embed the signature into the JAD/JAR files?[*]Assuming I need to do so, how do I install a third party certificate on my Nokia 6500 slide?

    If you've any questions that you need me to answer, in order to help you help me, then fire away!

    Please bear in mind that I am not at all clued up on Java for mobile phones, if at all - so try to be clear in how I do things.

    Thanks!

  2. #2
    Nokia Developer Champion
    Join Date
    Apr 2003
    Location
    USA, CA
    Posts
    7,192

    Re: Signing a third party JAR/JAD application

    Unfortunately you have to use a certificate which already exists on the phone for MIDlet signing. Usually this means buying a certificate from Verisign or from Thawte (check your phone which do exist on the phone, hey can be found in Security Settings). There is no method to do the signing at no cost, as you cannot install a new certificate on the phone for MIDlet signing.

    Hartti

  3. #3
    Registered User
    Join Date
    Nov 2008
    Posts
    2

    Re: Signing a third party JAR/JAD application

    How much would one cost, and would it last for the life of the device?

    I have the following certificates installed on the phone:
    • Baltimore CyberTrust Mobile...
    • Baltimore CyberTrust Root
    • Class 3 Public Primary Certification Authority
    • Class 3 Public Primary Certification Authority - 62(c)
    • Class 4 Public Primary Certification Authority - 62(c)
    • Entrust.net Certification Auth...
    • Entrust.net Secure Server Ce... (two of these)
    • Equifax Secure Certificate Authority
    • GTE CyberTrust Global Root
    • GeoTrust CA for UTI
    • GeoTrust Global CA
    • GeoTrust Universal CA
    • GlobalSign Root CA
    • Nokia Content Signing CA
    • RSA Data Security, Inc.
    • RSA Security 1024 V3
    • Thawte Code Signing CA
    • Thawte Premium Server CA
    • Thawte Server CA
    • VeriSign Class 3 Code Signin...
    • VeriSign Class 3 Public Prima...
    • VeriSign Class 4 Public Prima...
    • http__www.valicert.com
    Surely I can use one of those? Seems a bit silly and wasteful having all those on a device I paid for - and to pay even more just to get an application to work!
    Quote Originally Posted by hartti View Post
    Unfortunately you have to use a certificate which already exists on the phone for MIDlet signing. Usually this means buying a certificate from Verisign or from Thawte (check your phone which do exist on the phone, hey can be found in Security Settings). There is no method to do the signing at no cost, as you cannot install a new certificate on the phone for MIDlet signing.

    Hartti

  4. #4
    Registered User
    Join Date
    Jun 2008
    Posts
    19

    Re: Signing a third party JAR/JAD application

    Digital signatures don't last the lifetime of a device. It lasts for a few years (depends on what you want). The cost for a signature depends on the time that you want the signature to last. See thawte or verisign for more details on that.

    None of the certificates that you mentioned relate to the permission of accessing your memorycard. As hartti said, go to thawte or verisign to get your signature if you need it.

    P.S
    At least Thawte requires you to be in an organization and they will chech if the organization is valid. Only after that they may give you the signature.
    Last edited by arinu; 2008-11-24 at 08:25.

Similar Threads

  1. Auto Startup Application Signing!
    By amerzannouneh in forum Symbian Signed Support, Application Packaging and Distribution and Security
    Replies: 59
    Last Post: 2011-06-22, 13:36
  2. iPhone Blogger Blog Creation Application
    By semaphore10 in forum News and Announcements
    Replies: 4
    Last Post: 2009-10-06, 08:49
  3. PIM API and application signing
    By JJAAZZZ in forum Mobile Java General
    Replies: 1
    Last Post: 2008-07-28, 12:16
  4. Replies: 4
    Last Post: 2007-06-24, 22:42
  5. Signing S60 V8.1 Application
    By skumar_rao in forum Symbian Signed Support, Application Packaging and Distribution and Security
    Replies: 1
    Last Post: 2007-04-11, 15:54

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •