×

Discussion Board

Page 1 of 2 12 LastLast
Results 1 to 15 of 20
  1. #1
    Registered User
    Join Date
    Dec 2011
    Posts
    33

    Testing Enabled Trusted Certificated Status in an S40 device

    Hi everybody,

    I am treading back to an old subject of being able to test the "Trusted" signed application status on my Series 40 device.

    Mostly, I want to put some analytics into my game in order to understand my player by understanding how they are playing in order to start working on more meaningful game updates.

    Is there anyway of testing the the trusted certificate status on my own phone game?
    I know its written on the website about getting signed would alleviate the "Ask Once" dialog shown shown to the user.
    Though, I am not really someone whose gonna take the word of what's written in the specifications, since I heard stories of even signed, it would still show the dialog.
    So, I would like to test this out on my device before proceeding further working on this subject.

  2. #2
    Super Contributor
    Join Date
    Jun 2003
    Location
    Cheshire, UK
    Posts
    7,395

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    Quote Originally Posted by foo_mark View Post
    I know its written on the website about getting signed would alleviate the "Ask Once" dialog shown shown to the user.
    Where did you read this? I don't believe the prompts will disappear completely - you will probably find that "ask always" changes to "ask first time" as the default options, and that "always allow" becomes available (but not selected) in the list of options. Specifications for various Nokia platforms are in the wiki.

    The only way to test trusted status on the device is to sign your app with a trusted certificate - you need to spend money for this.

    Many emulators have an option for running an app with trusted status. Check the documentation for whatever you're using.

    (When I say "trusted", I mean "third-party trusted", since that's the only kind you can sign to.)

    Graham.

  3. #3
    Registered User
    Join Date
    Dec 2011
    Posts
    33

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    Well, I know for a fact on the S40 FP1 (device I am currently working on), its "Ask First Time" by default.

    How many times am I allowed to sign my application if I decide to pay for it?
    From what I remember, it was pretty expensive, especially if you just want to do it for testing purposes.

    Emulators aren't worth the time, since I already have the device and I want to get an accurate behaviour from these things.

    (Yep, It can only be "3rd party trusted")

  4. #4
    Super Contributor
    Join Date
    Jun 2003
    Location
    Cheshire, UK
    Posts
    7,395

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    Quote Originally Posted by foo_mark View Post
    Well, I know for a fact on the S40 FP1 (device I am currently working on), its "Ask First Time" by default.
    Bear in mind that this varies by device, and may vary between network operators.

    Quote Originally Posted by foo_mark View Post
    How many times am I allowed to sign my application if I decide to pay for it?
    As many as you like. Certificates have an expiry date, which is typically two years (depending on what you pay for).

    Quote Originally Posted by foo_mark View Post
    From what I remember, it was pretty expensive, especially if you just want to do it for testing purposes.
    Last time I checked, you would be looking at around €200.

    Quote Originally Posted by foo_mark View Post
    Emulators aren't worth the time, since I already have the device and I want to get an accurate behaviour from these things.
    Well, if it replicates the behaviour of the device without you having to buy a certificate, it's worth around €200.

    Graham.

  5. #5
    Registered User
    Join Date
    Dec 2011
    Posts
    33

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    Quote Originally Posted by grahamhughes View Post
    Bear in mind that this varies by device, and may vary between network operators.
    Right. I've heard of that, sounds like a real pain.
    But if its signed by the hardware vendor like Nokia. It should not be a problem yes, I wouldn't have to deal with the fragmentation of permissions from network operators?

    Quote Originally Posted by grahamhughes View Post
    Well, if it replicates the behaviour of the device without you having to buy a certificate, it's worth around €200.
    Right. Does it replicate the exact behaviour of a Nokia device for this kind of thing? Have you tried it yourself?

  6. #6
    Super Contributor
    Join Date
    Jun 2003
    Location
    Cheshire, UK
    Posts
    7,395

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    Quote Originally Posted by foo_mark View Post
    But if its signed by the hardware vendor like Nokia. It should not be a problem yes, I wouldn't have to deal with the fragmentation of permissions from network operators?
    Trusted third party is trusted third party, it doesn't matter who signs it. How the device responds is down to it's built-in policy. You can see the wiki page I linked earlier for "standard" policies of most Nokia devices, and some operator variants.

    Quote Originally Posted by foo_mark View Post
    Does it replicate the exact behaviour of a Nokia device for this kind of thing? Have you tried it yourself?
    I haven't, but S40 emulators are extremely good replicas of the actual devices. I'm not even sure if they support running an unsigned (or self-signed) app as trusted, but I recommend you explore it before spending money.

    You didn't say where you found information saying that signing would make the security prompts disappear... can you post a reference? It certainly isn't my understanding...

    Graham.

  7. #7
    Registered User
    Join Date
    Dec 2011
    Posts
    33

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    Quote Originally Posted by grahamhughes View Post
    I haven't, but S40 emulators are extremely good replicas of the actual devices. I'm not even sure if they support running an unsigned (or self-signed) app as trusted, but I recommend you explore it before spending money.
    I've had my fair share of problems in the J2ME business for 10 years, and I know nothing beats testing on an actual device versus an emulator when it comes down to behaviour. I had one time, implemented GameCanvas on a Sony Ericsson emulator, which works 100% perfect on it, and on an actual device it would give 2 sec delay response for each input.

    The only thing I trust with an emulator is just general program logic, but nothing else.

    Quote Originally Posted by grahamhughes View Post
    You didn't say where you found information saying that signing would make the security prompts disappear... can you post a reference? It certainly isn't my understanding...
    That came from someone's testimony in a development blog, of which I just found out the domain expired (dated 2007).
    http://javablog.co.uk/2007/08/09/how...-killing-j2me/
    Essentially, he described that despite signing his application, the nag screen still shows on his app.

  8. #8
    Super Contributor
    Join Date
    Jun 2003
    Location
    Cheshire, UK
    Posts
    7,395

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    Quote Originally Posted by foo_mark View Post
    I've had my fair share of problems in the J2ME business for 10 years, and I know nothing beats testing on an actual device
    That's true... but many emulators (like Sony Ericsson's) are just skins on the Java ME SDK. The S40 emus appear to be complete emulations of the handset, and I've known them faithfully reproduce even bugs in the implementation.

    Quote Originally Posted by foo_mark View Post
    Essentially, he described that despite signing his application, the nag screen still shows on his app.
    Ah... he says it did not make the prompts go? I thought you initially said the opposite. Yes, I'd expect that the prompts will not disappear.

    You can get your app signed by submitting it to the Nokia store, but you'll need a completed product, enough to pass Java Verified.

    But, if I understand you right, you want to make a network connection without user prompts... and I think you will not be able to do that.

    Graham.

  9. #9
    Registered User
    Join Date
    Dec 2011
    Posts
    33

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    Quote Originally Posted by grahamhughes View Post
    But, if I understand you right, you want to make a network connection without user prompts... and I think you will not be able to do that.
    Yeah, my issue with the prompt upon connection to the network is that it "forced" you to essentially giving the user the off-switch on a silver platter, instead of putting the off-switch in the options menu, where the user has to navigate and turn it off.

    The user would most likely decline if presented with such an option at the beginning.

    Nokia's policy asks that you put a on and off switch for analytics, which I am totally for. But what I am not for, is giving this ability at the very beginning of the application.
    Also, it resets itself at every time the application gets started, which is another annoying thing for the user.

  10. #10
    Super Contributor
    Join Date
    Nov 2003
    Location
    Bangalore , India
    Posts
    4,430

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    Just to add : I hope you have already evaluated the option of Free Signing of Java Apps in the Nokia App Store so that you dont have to pay for the Certificates. That also will be signed to Trusted Third Party domain

    Regards
    Gopal
    Twitter : @balagopalks
    Linkedin : @balagopalks

  11. #11
    Registered User
    Join Date
    Dec 2011
    Posts
    33

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    Quote Originally Posted by balagopalks View Post
    Just to add : I hope you have already evaluated the option of Free Signing of Java Apps in the Nokia App Store so that you dont have to pay for the Certificates. That also will be signed to Trusted Third Party domain
    Right, but I believe what I was referring to was testing my app under a signed certificate on a real device. Nokia's signing was always free for publishing, but for testing a device, I believe its only S60 they have it available.

  12. #12
    Super Contributor
    Join Date
    Nov 2003
    Location
    Bangalore , India
    Posts
    4,430

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    For testing in your own device, Nokia Store Certificate will not be avilable. Its available for apps going live in the AppStore

    Regards
    Gopal
    Twitter : @balagopalks
    Linkedin : @balagopalks

  13. #13
    Nokia Developer Champion
    Join Date
    Mar 2003
    Posts
    4,105

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    Quote Originally Posted by foo_mark View Post
    Is there anyway of testing the the trusted certificate status on my own phone game?
    Hack your phone. That BeHappy certificate can be applied in three minutes, if your environment is set up. Beside that, you could use the nokiacert hack. More links and information on this page.

    I do not know what you earn in an hour. Furthermore, you can re-use that certificate still in many years, if you change the date on your device. Additionally, a real certificate open the world of Samsung, Symbian, and Ericsson. Therefore, to be honest, I would go for a VeriSign certificate, which can be ordered here …

    If you just want to learn the process of signing, then I would go for the Series 40 SDKs. Although these are named emulators, in the world of Nokia, those are real firmware and match a real device like nothing else. Some of these SDKs allow the installation of your own certificate authority.

    If you just want to learn the actual permissions, then configure the settings menu in that emulator SDKs, just point and click, nothing to sign actually. Again, that matched real devices, at least the standard product codes. There are a lot of product code variants out there with special permissions – and for those you have to use tools like NaviFirm+ and Nokia Phoenix software to test all of them. Around 10.000 variants.

    Or said differently: What you want to test, this is untestable actually.

  14. #14
    Registered User
    Join Date
    Dec 2011
    Posts
    33

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    Well, I already got my answer about the phone's behavior in terms of the nag dialog the phone shows when it wants to connect to the network.

    There seems to be no way around it, even if you signed the application. I might as well make the next game fully online to give a good UX feel for the player.

  15. #15
    Nokia Developer Champion
    Join Date
    Mar 2003
    Posts
    4,105

    Re: Testing Enabled Trusted Certificated Status in an S40 device

    For Internet access, you are able to remove that dialogue, when you sign your MIDlet and change the permission setting manually. Even without hacking. However, every user of yours has to do these steps themselves.

Similar Threads

  1. Java Verified wants your feedback on new Trusted Status!
    By JavaRuss in forum News and Announcements
    Replies: 1
    Last Post: 2010-11-29, 12:56
  2. Replies: 12
    Last Post: 2010-09-21, 17:06
  3. Unlocking files that are uploaded to OVI but are in QA testing with a PENDING status
    By MTI500 in forum [Closed] Publishing to Nokia Store
    Replies: 1
    Last Post: 2009-08-25, 18:03
  4. gps maps for nokia gps enabled device
    By galaxy_j2me in forum Mobile Java General
    Replies: 1
    Last Post: 2009-06-03, 06:46
  5. Certificated applications update
    By bcarbajo in forum Mobile Java Networking & Messaging & Security
    Replies: 2
    Last Post: 2006-06-08, 15:32

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •