×

Discussion Board

Results 1 to 4 of 4
  1. #1
    Registered User
    Join Date
    Mar 2003
    Posts
    1

    Question Has 'Trusted Third Party' changed from simply signed to Java verified?

    Reading the excellent guide 'MIDP 2.0: Tutorial On Signed MIDlets' I came away with the notion that buying a code signing certificate from Verisign and signing your application would allow your MIDlet to execute in the 'Trusted Third Party' domain.

    This would appear to not be the case when tested with the 6170,7610 and 6230 (the application is untrusted).

    Following this up I have two questions:
    Do any Nokia handsets trust the application if it's signed by a developer's code signing certificate?

    And is there any other way to become a trusted application without going down the Java Verified route (as only a handful of handsets have the certificate)?

  2. #2
    Registered User
    Join Date
    Sep 2003
    Posts
    17

    Code signing Nokia 6600

    Hi,
    I have read all the documentation and gone through the process of purchasing a VeriSign Java code signing cert.

    The app installs on the device when not signed.

    When i sign it it will not install giving a security error.

    I have bee reading the bulleting boards from around and it seems that the 6600 cannot install signed midlets.

    can anyone confirm or deny this, and also if the same applies to other devices.....


    thinking what a waste ........

  3. #3
    Registered User
    Join Date
    May 2004
    Posts
    7
    Hola,

    What I've managed to figure out when testing Nokia 6600 and 6260 -phones and signed midlets, that you have two certificates (MIDlet-Certificate-n-n -attributes) in your jad-file, because these Series 60 -phones do not have intermediate certificates installed in the phone's memory unlike Series 40-phones.

    And with 6600 the phone's SW should be 4.09.1 or higher. A quote from Nokia's known issues document:

    "No solutions exist for software version 3.42.1, but this issue has been corrected in software release 4.09.1, where 3rd party domain will be supported."


    -t

  4. #4
    Registered User
    Join Date
    Sep 2003
    Posts
    17

    Verisign certs

    Thanks for the response.
    I spotted that issue for the frimware version of the 6600.

    Also, i think this cert business is a bit of a mess.
    Looking at Motorola for example, even though the root certs exist on the device and the code is signed using a verisign cert we purchased you still cannot install the app on Motorola.

    see following quote from motocoder support on V535 specific

    "Dear Developer,

    The following article still is true for this device too.

    Title: Signing a midlet suite
    URL: https://motocoder.custhelp.com/cgi-b...ted=1092167721"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •