Hi
Is this possible that to create your custom certificate & sign your Mobile Application ?so the answer is yes it is possible but how?this is also a another question that annoying me too much .so after goggling too much & try different procedure i don't get success but than i try to learn where i do mistake because if you are using symbian os handset it so easy but if you are using Windows mobile 6.0 & want to run the J2me application on it with custom certificate Signing so it makes many problem.
Now i here tell u the a steps of creating the custom certificate , how to sign & run the application successfully on the Handset(mine is Windows Mobile 6.0).
Tools we needed is Carbide.j & Openssl.
Now let start Creating the Custom Certificate for our Appliciation .
Step 1
First create your .jad & .jar files you want to sign .Also add the permission of the restricted Api that your application used.
Step2
Now open the command prompt set the Path to openssl Directory(mine is C:/openssl/bin/)
run the following commands
genrsa -des3 -out ca.key 4096
it wil create the ca.key that's your fake self-signed CA private key .
req -new -x509 -days 365 -key ca.key -outform DER -out ca.cer
this command create ca.crt file that's your CA’s public key (certificate) in PEM format
req -new -x509 -days 365 -key ca.key -out ca.crt
this command will create ca.cer file that's your CA’s public key (certificate) in DER format
Note:When you run these above commands it will ask the some valid questions so answer them.
Now, test the certificate's validity by installing it on your desktop. If you are on windows, just double click it and windows will say if the cert is invalid.
Step #3
Now we generate the Certificate signing request(CSR).For CSR i used Carbide.j tool open the Carbid.j (strandalone) Select "Create Application Package" view. In "General" tab choose "recreate based on existing package" option. Pick path to your JAD and JAR files. Now change to "Sign Application Package" view. If you have something in "available alias" area, you may delete at the first time. Click "New keypair" and enter your (your company's) information and click "Create".
Now you should create new entry in the alias box. Click on "Generate CSR". It will prompt to enter a file name (say code-sign.csr). Enter a valid file name in a known location and click OK. Now you have a Certificate Signing Request (CSR) that you can submit to a CA.!
so the file code-sing.csr created.
Step# 4
Now we create the code signing certificate that's the important step.so run these on command prompt.
Note:run this OpenSSL command under (make sure all key/crt/csr files are accessible).
x509 -req -days 365 -in code-sign.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out code-sign.crt
The file created is code-sign.crt.
Step #5
Now we create the certificate package .In this step we combine the ca.crt & code-sign.crt to create .p7c file .I used Internet explorer certificate manager.
Open IE.
Go to Tools->Internet Options->Contents->Certificates.
Pick trusted Root Certificates tab and click import.
Click "Next" & choose path to ca.crt and click "Finish"
Now click on the "Intermediate Certificate Authorities" tab & click Import select code-sign.crt & click Finish .Once it successfully imported you will see the certificate among the other certificate in the "Intermediate Certificate Authorities"tab .
Now select your certificate in the "Intermediate Certificate Authorities"tab and click export pick the file format PKCS#7 (.P7B). and check “include all certificates in the certification path if possible” check box.
Continue until it say Successfully imported & you see code-sign.p7b has been created.
Step #6
Now its time to sign the Midlet .Open the Carbide.j tool .Click on the "Sign Application Package" .Click import certificate & pick the file we created in above step.
Now click the "Sign" and pick your Jad file i hope you will see the Success Message Box.
Step #7
Now verify your .jad you should see the lines like on your jad.
MIDlet-Certificate-1-1: M234gaf...
MIDlet-Certificate-1-2: MLLP343...
MIDlet-Jar-RSA-SHA1: UIYW993...
Step # 7
Now install the certificate into your Windows Mobile6
Connect the mobile to computer through usb .Place your ca.cer file & your sign .jad & .jar file in the mobile directory.
Disconnect the mobile to computer browse the ca.cer in the mobile directory & select the ca.cer file.Then install the certificate & if the certificate successfully installed it prompt that "One or more certificated Installed".
After Installing the certificate open your jvm you used (I used javafx jvm for windows mobile) int the jvm certificates option you see your certificate .
Now close the jvm & browse the directory where you install your .jad & .jar file .Install the Application during install it will show that the application s signed .
After installation don't run the application first set the permissions on your applications .(I used only read & write data api so i select it "Allow Always"the options different across the jvm ) .
No its time to run the installed Application.
I Hope your Application will run & Good Luck :).
No comments:
Post a Comment