j2me Code Signing:Self Signed Certificate VS Unknown Certifi

Forum for J2ME mobile games related topics including programming doubts, books and other resources for J2ME game development

j2me Code Signing:Self Signed Certificate VS Unknown Certifi

Postby menis » Sat Nov 15, 2008 4:00 pm

Hello all,

I have Developed a j2me Application which i want to digitally sign with a Certificate
that i am going to buy from Verisign.The application is simply doing http/https connections.
My questions are:
(1) Which tool should i use? WTK 2.5.2 signing tools or something else like openssl?
(2) In which Security domain should i include My certificate? identified_third_party or something else?

Additionally lets say that the Phone in which i am going to install my application for some reason does NOT
CONTAIN the appropriate ROOT Certificate from Verisign (in which belongs the certificate that i will buy)
The (Crucial) Questions are:
(A)What will happen if i will try to install my signed Midlet in a handset not containt Verisign Root Certificate?
will be installed or no installation at all will take place?
(B)What will happen if i sign my Midlet with one a "Self Signed" Certificate and install it to my Handset?

Finally what must be my decision for Handsets that do not include the Appropriate Verisign ROOT Certificate?
(a)Sign My Application with the Certificate that i will buy From Verisign?
(b)Sign My Application a "Self Signed" Certificate?
(c)Do not Sign the application at all?
(d)Buy A second Certificate from another CA authrity ie thawte


Please HELP!

Thanks

NiKolaos
menis
 
Posts: 12
Joined: Sun Nov 25, 2007 6:11 pm

Return to J2ME Games

Who is online

Users browsing this forum: No registered users and 2 guests

cron