×

Discussion Board

Results 1 to 8 of 8
  1. #1
    Registered User
    Join Date
    Apr 2009
    Posts
    41

    Questions about signing midlet

    Hi all,

    I have a couple of questions concerning signing my app both of which may seem like they have obvious answers but Im just looking for some clarification.

    1. How long does it take to sign a midlet from a company such as Verisign. I assume that this will depend on the size of the app and what the app actually does. I can tell you it is about 4 thousand lines of code all together and it performs fileconnections, http connections and uses the location api(jsr 179), but even with thses details Im not sure whether you can give me an estimate on how long it may take???

    2. Once I have signed the app am I able to make any changes to the code without having to pay again to have it signed?

    Any info you have I would really appreciate. Many thanks

    Jules

  2. #2
    Super Contributor
    Join Date
    Jun 2003
    Location
    Cheshire, UK
    Posts
    7,395

    Re: Questions about signing midlet

    Verisign don't sign the application for you. They sell you a certificate with which you sign your own application. The purpose is just to verify that the application comes from you. Verisign are not a testing company, they do not check that your application works, or is god or bad.

    Once you have the certificate, you can sign as many JARs as you like, until the certificate expires (usually one or two years).

    Hope that helps.

    Graham.

  3. #3
    Registered User
    Join Date
    Apr 2009
    Posts
    41

    Re: Questions about signing midlet

    Thanks for the reply...

    So am I right in thinking that even though verisign dont test the code to make sure its safe that my app will still be placed in a trusted domain....hence bypassing all the permission requests, or do I have to go through a different process to achieve this?

    Many thanks again

    Jules

  4. #4
    Super Contributor
    Join Date
    Apr 2007
    Posts
    2,708

    Re: Questions about signing midlet

    Yup you are tight, what Verisign will check is if you are a real existing company/business...
    If you are then it will do some background checks and at that point you will be a "trusted 3rd party", which (after signing your application) you will also be categorized under according to the Nokia's security domains...
    So you won't even have to send your code/application to Verisign, just request the certificate, pay for it and then you will receive it within 3-5 days...
    After that you will be able to sign (yourself, so not via Verisign) you apps...

    If instead you want to use the Java Certified Programme then you have to sent your app/code and it will get tested...

  5. #5
    Super Contributor
    Join Date
    Jun 2003
    Location
    Cheshire, UK
    Posts
    7,395

    Re: Questions about signing midlet

    Your code can be complete rubbish and full of bugs, it doesn't matter. Signed, it goes in the "trusted third-party" domain (assuming the device trusts a Verisign signature, not all do). This will no bypass permission requests. It may change them, and it may enable more options for the user to disable the requests (by selecting "always allow", for example). How permissions are changed depends on the device.

    Graham.

  6. #6
    Registered User
    Join Date
    Apr 2009
    Posts
    41

    Re: Questions about signing midlet

    Thanks again for the info guys....

    Do either of you know specifically if my app is placed in the trusted 3rd party domain that the user will be able to "allow file connections" always on the n97... or where I might be able to find this information out?

    Thank you again

    Jules

  7. #7
    Super Contributor
    Join Date
    Jun 2003
    Location
    Cheshire, UK
    Posts
    7,395

    Re: Questions about signing midlet

    This article (and the others it links to) should help you.

    Graham.

  8. #8
    Registered User
    Join Date
    Apr 2009
    Posts
    41

    Re: Questions about signing midlet

    Perfect thank you.

    Jules

Similar Threads

  1. signing midlet
    By jselvakumar26071988 in forum Mobile Java Networking & Messaging & Security
    Replies: 5
    Last Post: 2009-07-30, 10:19
  2. MIDlet signing with Thawte cert for 6600
    By kersing in forum Mobile Java General
    Replies: 3
    Last Post: 2008-03-07, 05:41
  3. Nokia 6101 Locked 2 TMobile Midlet can't access internet...
    By Jason Glass in forum Mobile Java Networking & Messaging & Security
    Replies: 45
    Last Post: 2007-11-14, 02:19
  4. Pushregistry, Security Alert after signing the midlet?
    By juppi in forum Mobile Java Networking & Messaging & Security
    Replies: 15
    Last Post: 2007-08-08, 11:04
  5. MIDlet Signing (URGENT -- PLEASE HELP ME NOKIA EXPERTS)
    By earamsey in forum Mobile Java General
    Replies: 0
    Last Post: 2004-10-25, 23:57

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
×