×

Discussion Board

Results 1 to 7 of 7
  1. #1
    Registered User
    Join Date
    Oct 2006
    Posts
    13

    Unhappy How can I install a CA or SelfSign Certificate on the a S60 3rd phone.

    Hello,
    I would like to install a CA or Self Sign certificate on a N80.
    Unfortunately, all new installed certificates also Verisign Certs become in the “certif. Management” only trusted settings for “Internet” and “online certif. Check”. The option “program installation” for MIDP2 Application is always missing.

    I used for the Installation the File Manager of the Nokia PC Suite an the second way via a WebServer with the right mine-types for the download.

    Verisign Cert:
    - VeriSign Class 3 Code Signig 2004-2014 CA
    - Public Primary Certification Authority.

    And a SelfSignCert:
    - keytool -genkey -alias {myalias} -keyalg RSA -validity 365
    ….
    What is wrong?
    Needs the certificate a special extension for code signing?
    Is it generally impossible to install code signing certificates on N80(FM: V4.0623.0.41)?
    (btw. It can be deleted!?)

    thanks!
    Walter

  2. #2
    Nokia Developer Expert
    Join Date
    Jun 2005
    Posts
    923

    Re: How can I install a CA or SelfSign Certificate on the a S60 3rd phone.

    Hi,

    For S60 3rd. edition phones, you cannot install self-signed root certificates to authenticate midlets signed with your certificate. This is only possible in 2nd. edition phones.

    Daniel

  3. #3
    Registered User
    Join Date
    Oct 2006
    Posts
    13

    Re: How can I install a CA or SelfSign Certificate on the a S60 3rd phone.

    Hello Daniel, thanks for your prompt replay.

    I have contacted Verisign for the correct CA and Root Certificates which should be
    used form Nokia for the cert. installation.
    I got two certificates “verisign codesigning root.cer” and “verisign codesigning intermediate.cer”

    I deleted the old MIDP2 Verisigcert on my N80 device and tried to install the official
    verisign certs. The installation succeeded but only again for “Internet” and “Online Cert. Checks”!?

    Well, how can I install official CA on my device? I have already bought java code sign cert from “GLOBALSIGN(CyberTrust)” but the installation result has the same effect.

    PS. Or, is there a other way to get the rights for my application (please say not the java verified Program, it is only for release versions successful not for prototypes)?

    Yours sincerely,
    Walter

  4. #4
    Registered User
    Join Date
    Mar 2003
    Posts
    4,105
    It was no good idea to remove the VeriSign Code Signing certificate as there is NO official way to get it back yourself. You should Nokia support channels and restore the firmware. I do not think a reset of the device will do.

    For code signing you can use the installed certifactes only. No way to install other or even the same ones. Either you go for thawte, VeriSign or Java Verified, depending on the certificates installed on your phone.

    When you had problem with your VeriSign code certificate, I guess this was because of a misconfiguration of your deployment system. Please have a look there as intermediate certificates required for VeriSign and thawte can create headaches.

  5. #5
    Registered User
    Join Date
    Oct 2006
    Posts
    13

    Thumbs down Re: How can I install a CA or SelfSign Certificate on the a S60 3rd phone.

    Hello, this sounds to everything very peculiarly.
    - I can delete certificates but I can’t install it any more.
    - Official CAs can’t be installed, I have to buy a
    certificates only of Versisign or Thawet to distribute software.

    I don't understand this. Goes the security a little too far here
    and tries anybody to make money with a monopoly!?

  6. #6
    Super Contributor
    Join Date
    Apr 2003
    Location
    USA, CA
    Posts
    7,191

    Re: How can I install a CA or SelfSign Certificate on the a S60 3rd phone.

    If I remember correctly, MIDP spec states that one should not be able to install certificates on the device which could be then used for signing the midlets.

    Hartti

  7. #7
    Registered User
    Join Date
    Mar 2003
    Posts
    4,105
    Quote Originally Posted by whin
    Goes the security a little too far here
    and tries anybody to make money with a monopoly!?
    Hihi.
    From my experience, I do not believe it is the latter one, although everything is VeriSign (thawte and GeoTrust) now, it was not at the start. Additionally, Nokia does not earn anything out of it, they just have trouble with it. Only some operators … well they have more trouble with this, too.

    Personally, I think there are a lot of misunderstandings in the idea of MIDP specification creating a gap to a real implementation. This leads to a theoretical discussion and nowhere. It is like it is.

    Anyway, I call this a bug. A user might be able to disable a factory built-in certificate, however, should never be able to delete it. Then the MIDlets should install but not start and the system should explain why!
    Nevertheless, all devices I know have this “bug“.

Similar Threads

  1. Carbide c++ and S60 3rd Edition Feature Pack 1 Working
    By jimgilmour1 in forum Carbide.c++ IDE and plug-ins (Closed)
    Replies: 1
    Last Post: 2006-10-18, 20:39
  2. How to install component s60 3rd ed
    By Santehnik in forum Symbian
    Replies: 2
    Last Post: 2006-08-07, 12:04
  3. Problem with Thawte certificate in the S60 v3 emulator
    By stefanb22 in forum Mobile Java Networking & Messaging & Security
    Replies: 1
    Last Post: 2006-04-07, 19:40
  4. How to install a signed MIDlet into S60 SDK?
    By nn_tt in forum Mobile Java General
    Replies: 0
    Last Post: 2004-03-18, 07:18

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
×