I have Developed a j2me Application which i want to digitally sign with a Certificate
that i am going to buy from Verisign.The application is simply doing http/https connections.
My questions are:
(1) Which tool should i use? WTK 2.5.2 signing tools or something else like openssl?
(2) In which Security domain should i include My certificate? identified_third_party or something else?
Additionally lets say that the Phone in which i am going to install my application for some reason does NOT
CONTAIN the appropriate ROOT Certificate from Verisign (in which belongs the certificate that i will buy)
The (Crucial) Questions are:
(A)What will happen if i will try to install my signed Midlet in a handset not containt Verisign Root Certificate?
will be installed or no installation at all will take place?
(B)What will happen if i sign my Midlet with one a "Self Signed" Certificate and install it to my Handset?
Finally what must be my decision for Handsets that do not include the Appropriate Verisign ROOT Certificate?
(a)Sign My Application with the Certificate that i will buy From Verisign?
(b)Sign My Application a "Self Signed" Certificate?
(c)Do not Sign the application at all?
(d)Buy A second Certificate from another CA authrity ie thawte