×
Namespaces

Variants
Actions
(Difference between revisions)

Java ME signing for dummies

From Nokia Developer Wiki
Jump to: navigation, search
hartti (Talk | contribs)
m
hartti (Talk | contribs)
m (added minor comment on certificate availability)
Line 5: Line 5:
 
Want [[Java_Security_Domains|a theoretic overview of Java ME security policy]]? No? Read on then for more down-to-earth story.
 
Want [[Java_Security_Domains|a theoretic overview of Java ME security policy]]? No? Read on then for more down-to-earth story.
  
'''What certificates to use?''' Mostly the answer is VeriSign, Thawte, or Java Verified. (but note that they cost money and that Java Verified is in fact a certification and testing program).
+
'''What certificates to use?''' Mostly the answer is VeriSign, Thawte, or Java Verified. (but note that they cost money, and that Java Verified is in fact a certification and testing program). Note also that these certificates are widely available on various devices, but they are not available on all devices (device-level, regional, and operator-specific differences are many).
  
 
Yes, when you '''buy a certificate''' (usually for a certain duration of time - 1 or 2 years) you can use that certificate for signing for the duration of the certificate. You can install MIDlets on the phone even after that period, granted that the corresponding root certificate is still valid - which they should be until sometime in 2020...
 
Yes, when you '''buy a certificate''' (usually for a certain duration of time - 1 or 2 years) you can use that certificate for signing for the duration of the certificate. You can install MIDlets on the phone even after that period, granted that the corresponding root certificate is still valid - which they should be until sometime in 2020...

Revision as of 03:53, 9 July 2008


So your MIDlet causes too many confirmation dialogs? Someone suggested signing for you? You are in the right place....

Want a theoretic overview of Java ME security policy? No? Read on then for more down-to-earth story.

What certificates to use? Mostly the answer is VeriSign, Thawte, or Java Verified. (but note that they cost money, and that Java Verified is in fact a certification and testing program). Note also that these certificates are widely available on various devices, but they are not available on all devices (device-level, regional, and operator-specific differences are many).

Yes, when you buy a certificate (usually for a certain duration of time - 1 or 2 years) you can use that certificate for signing for the duration of the certificate. You can install MIDlets on the phone even after that period, granted that the corresponding root certificate is still valid - which they should be until sometime in 2020...

What are the steps for signing? Check these step-by-step instructions to sign with a VeriSign certificate. After signing the JAD file should be a little fatter (with RSA-SHA and Certificate chain attributes) whereas there are no changes for the JAR.

No, you cannot install an additional certificate for MIDlet signing on your phone. It does not matter if you created the certificate yourself or if got some root certificate from a trusted CA. (ok, ok, there is a bug on S60 2nd Edition devices which makes this possible...) And please, direct your complaints to MIDP specification group.

What? You deleted a code signing certificate from your phone? No way to revert that. See above.

Made changes to your MIDlet after signing? Seriously, no problem. Just sign the MIDlet again. (Of course if you got the signature from Java Verified after passing the tests, you need to go through the testing again and pay for the additional testing round.)

234 page views in the last 30 days.