MIDlet signing -trusted third party

Similar Messages

• Adding SAN through web-security and Creating CSR for Tomcat (CUCM 10.5) to be signed by Third Party CA

  Hi Guys,
  Wondering if Any one has done this or could suggest the needful,
  We are running CUCM 10.5 cluster and currently using self-signed certificate for Tomcat. Now, we would like to get it signed by Third party CA.
  Just to be clear that we are doing this for Jabber clients so they should not get prompted for certificate Invalid.
  Now the issue; The CUCM is using IP address as hostname and for that reason we had to add the desired IP address under SAN (alternate name) through set web-security command. We did that successfully and restarted the Tomcat service and when we run the Show web-security command, it does show the added SAN;
   altNames: 2 names
            1) UCS-CUCM-UB.domain (dNSName)
            2) 10.x.x.x (dNSName)
  But when we try to generate the new CSR, it didn't contain the modified SAN, just the first one i.e only 1) UCS-CUCM-UB.domain (dNSName)
  Is there anything we missed here to get the added SAN being populated in the new CSR ?
  Regards
  M

  Hi Gordon,
  Thank you for your prompt response. For recommendation, you are right but we don't want to initiate that change for now unless, there is no other option left.
  While Generating new CSR, under SAN, there is only Parent Domain field which is populated with our domain name. How should I add the IP address there ?
  Regards

• Blackberry Signed for Third Party Software

  Hi,
  I am involved in developing software for Blackberry, and want to know what sort of certification is required for the software i am developing.
  SOmething similar to Symbian Certified (ref: https://www.symbiansigned.com/app/page)
  plus, is there a test Criteria? for Certifying an application for Blackberry
  Thanks,
  -Kamal.

  http://na.blackberry.com/eng/support/programs/training.jsp
  and
  http://na.blackberry.com/eng/support/programs/certification.jsp
  The search box on top-right of this page is your true friend, and the public Knowledge Base too:

• Midlet Signing

  Hello,
  Questions
  - Is trusted third party signing enough to reach a significant amount of JSR-75 compatible mobiles, with a good user experience ?
  -What is the best third party for signing midlets ?
  - Is Manufacturer & Operator Sining feasible for a small company ?
  Background
  we're involved in a project that aims at accessing various data on the memory car/Internal memory/Sim+ memory of mobile phones.
  we know JSR-75 "File connection" is a must to do that, and we wish to use it on every capable phone.
  Different-devices = different-behaviour
  However, we are facing a platform/menufacturer specific issue :
  With an unsigned midlet :
  -Nokia device (6680, 6120, n95...) give access to the data, but keeps asking the permission to the user each time he wants to read a single file
  -Sagem (my700x) device allows us to configure the program so that we're asked only once the permission.
  - Motorola (RAZR V3i) freezes....
  Midlet signing solutions
  I know that midlet signing can help. However, we don't know which signing process suites our need :
  - Java Code Signing (self-certification using keytool)
  - Java Code Signing - Trusted third party (buying the certificate from Verysign or Thawthe as in google mail)
  - Manufacturer & Operator.
  Edited by: Nicolas_Dmailer on Dec 19, 2007 8:16 AM
  Edited by: Nicolas_Dmailer on Dec 19, 2007 11:53 PM

  Signing issue related with permission of midlet like to send the SMS to open the http connection that api required certification of third party & u can sign the midlet using tool givan by java itself
  here is link u can see the how to sign the midlet first then follow the certification procedure
  http://developers.sun.com/techtopics/mobility/wtk/demos/wtk-sign.html
  its link how can sign with wireless tollkit
  to certification u can follow but u have to check u rdevice which certification support then choose
  1) Verisign certification : u can visit www.verisign.com here u got the link for digital key under u got link for for sun java certification
  2)Also u can follow thawte certification : u can visit also thwate.com
  3)Or u can visit for java certification www.javacertification.com
  Regards
  AB
  for RMS persistence issue no need of signing u have to check code

• SA520W: difficulty getting self certificate request signed by trusted 3rd party

  Please forgive me if this is a dumb question or if I am fundamentally confused, but I have pored over the manual, forum, and web.  Very simply I need a trusted third party to sign my CSR and then for the SA520W to accept it as the active self certificate.  In principle this is straightforward but I cannot figure out how to make this work in practice.  Two examples.
  1) GoDaddy:  they require a 2048 bit signature and the router only generates 1024.  I can generate my own CSR with OpenSSL but then am unable to upload my 2048 bit key to the router, and thus the signed certificate is not accepted
  2)  Verisign.  They will take the router's 1024 bit signature, but they require lots of fields in the CSR, like country and state, that are not supported by the router's generate CSR function.  Thus Verisign will not accept the CSR.
  Is there any way to get the router to accept a CSR signed by GoDaddy?  Or any CA?
  Thanks in advance.
  Andy

  Sorry to dredge up an old thread, but I've been trying to get this to work for the last three weeks also.
  The firmware supports a 2048 bit key, so that's not the issue.
  I entered all the information that the registrar wanted into the CN field, in the correct format.
  The registrar has accepted the CSR and generated the certificate, and returned it to me.
  I'm using a Geotrust quickSSL certificate.
  Now, the issue is that I can't upload the certificate. If I try and load it, I get the error;
  "No trusted certificate found, Can't Upload Self Certificate"
  So, I'm guessing it is a chaining issue. I go to http://www.geotrust.com/resources/root-certificates/
  I download the Root 1  "Download - Equifax Secure Certificate Authority (Base-64 encoded X.509) Right Click, Save As"
  and then I try to add it to the SA520 as a trusted certificate...
  "Added Trusted Certificate"
  Now I try adding my signed certificate again, and get the error;
  "No trusted certificate found, Can't Upload Self Certificate"
  So we're still missing something (intermediate certificate(?)), so I try adding the next one in the list;
  I download Root 2 "Download - GeoTrust Global CA (Base-64 encoded X.509) Right Click, Save As"
  and try to add it to the SA520 as a trusted certificate...
  "Cannot Add Trusted Certificate"
  So I try the next one...
  I download Root 3 "Download - GeoTrust Primary CA (.pem file) Right Click, Save As"
  and then I try to add it to the SA520 as a trusted certificate...
  "Added Trusted Certificate"
  So, once again, I try my signed certificate and get the same error;
  "No trusted certificate found, Can't Upload Self Certificate"
  So I give up on the Cisco, and go to a Mac which has great keychain management.
  I open my signed certificate on the mac, and see it is issued by "GeoTrust DV SSL CA"
  Hang on, that's the "Root 2" certificate above that wouldn't load. I try add the Root 2 again, but I get the same error
  So I contact Geotrust and get them to send me the DV SSL CA file, which I upload successfully.
  Now, I have three trusted Certificates from Geotrust loaded.
  Trusted Certificates (CA Certificate)
  CA Identity (Subject Name)
  Issuer Name
  Expiry Time
  C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
  C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
  May 21 04:00:00 2022 GMT
  C=US, O=GeoTrust Inc., OU=Domain Validated SSL, CN=GeoTrust DV SSL CA
  C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
  Feb 25 21:32:31 2020 GMT
  C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
  C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
  Jul 16 23:59:59 2036 GMT
  So I try once again to upload my signed certificate, and once again, I get:
  "No trusted certificate found, Can't Upload Self Certificate"
  So, the question is, WHAT is going on ? Has anyone at Cisco managed to load a GeoTrust certficate into this device, if so, step by step, HOW ?
  Thanks !

• Error While importing third party certificate

  Hi,
  In my application I'm using HTTPS for secure connectivity.For that purpose I signed my midlet using a third Party certificate (GoDaddy's Certificate).But when I'm hitiing the url it is not working.
  I've done this with generating my own certificate with Tomcat.It is working fine there.I followed the following topic to create Certificate for TomCat
  http://143.129.203.3/s/sitter/sl2nap/javaSSLprogr.htm
  but when i'm hitiing some live url then it is not working!
  Please provide me proper help if possible
  Thanx in advance

  Slawrence,
  It appears that in the past few days you have not received a response to your
  posting. That concerns us, and has triggered this automated reply.
  Has your problem been resolved? If not, you might try one of the following options:
  - Do a search of our knowledgebase at http://support.novell.com/search/kb_index.jsp
  - Check all of the other support tools and options available at
  http://support.novell.com.
  - You could also try posting your message again. Make sure it is posted in the
  correct newsgroup. (http://support.novell.com/forums)
  Be sure to read the forum FAQ about what to expect in the way of responses:
  http://support.novell.com/forums/faq_general.html
  If this is a reply to a duplicate posting, please ignore and accept our apologies
  and rest assured we will issue a stern reprimand to our posting bot.
  Good luck!
  Your Novell Product Support Forums Team
  http://support.novell.com/forums/

• Best way to make a jar with third party jars

  hi, i have a question.
  i have an application that uses different third party jars. For the moment i make my jar like this :
  a) i include all my third party jars (it is working)
  or is it better to
  b) include the jars in the jnlp file
  if b is better should i :
  b1) link to them to another jnlp file, like this :
  <extension name ....
  or
  b2) just put them as resources
  Another question :
  i sign my jar, but can't access the local file system. if i use solution a from above, do i have also to sign the jars that i include in my jar...
  for solution b i think i will have to sign all the jars... right ?
  Thx for your help

  hi, i have a question.
  i have an application that uses different third party
  jars. For the moment i make my jar like this :
  a) i include all my third party jars (it is working)
  or is it better to
  b) include the jars in the jnlp file
  this is best, leaving the third party jars alone.
  if b is better should i :
  b1) link to them to another jnlp file, like this :
  <extension name ....
  If you app needs all-permissions, it is best to do it this way, you can, for example, sign your jar, and then ask for all-permissions in the main jnlp file, then not ask for all-permissions in the extension jnlp file. Or you can ask for all-permission in the extension as well, if the third party jars are signed, and need all-permissions to run properly.
  or
  b2) just put them as resources
  if you don't need all-permissions anywhere, this is easiest.
  If you do need all-permissions everywhere, you could also do this, but you would need to sign the third party jars with the same certificate chain as you signed your jar.
  If the third party jars are allready signed by the third party, or if all-permissions are only needed in some of the jars, the b1 is beter.
  >
  Another question :
  i sign my jar, but can't access the local file
  system. if i use solution a from above, do i have
  also to sign the jars that i include in my jar...
  You need to add :
  <security> <all-permissions/> </security>
  to your jnlp file. In that case, all the jars listed as resources in that jnlp file need to be signed, and by the same certificate.
  for solution b i think i will have to sign all the
  jars... right ?
  yes
  Thx for your help/Andy

• Create a JAR including third party JARS

  How can I export my project into a JAR file also including the third party JARs being used from my application (project)?
  I think Eclipse does not support this, does it?
  The problem is, that when I export my project into a JAR and then manually put the required JARs into the JAR using WinZip I do get such an Exception:
  java.lang.NoClassDefFoundError: oracle/ucp/jdbc/PoolDataSourceFactory
  In my project I have a class (Runner.java) with a main method which the user can invoke from command line. Furthermore I have a GUI also with a main method which internally invokes Runner.java. How can I start either of themain methods/classes both in the same JAR?
  Thank you.

  hi, i have a question.
  i have an application that uses different third party
  jars. For the moment i make my jar like this :
  a) i include all my third party jars (it is working)
  or is it better to
  b) include the jars in the jnlp file
  this is best, leaving the third party jars alone.
  if b is better should i :
  b1) link to them to another jnlp file, like this :
  <extension name ....
  If you app needs all-permissions, it is best to do it this way, you can, for example, sign your jar, and then ask for all-permissions in the main jnlp file, then not ask for all-permissions in the extension jnlp file. Or you can ask for all-permission in the extension as well, if the third party jars are signed, and need all-permissions to run properly.
  or
  b2) just put them as resources
  if you don't need all-permissions anywhere, this is easiest.
  If you do need all-permissions everywhere, you could also do this, but you would need to sign the third party jars with the same certificate chain as you signed your jar.
  If the third party jars are allready signed by the third party, or if all-permissions are only needed in some of the jars, the b1 is beter.
  >
  Another question :
  i sign my jar, but can't access the local file
  system. if i use solution a from above, do i have
  also to sign the jars that i include in my jar...
  You need to add :
  <security> <all-permissions/> </security>
  to your jnlp file. In that case, all the jars listed as resources in that jnlp file need to be signed, and by the same certificate.
  for solution b i think i will have to sign all the
  jars... right ?
  yes
  Thx for your help/Andy

• Replace Self-Signed FAST Search Certificate with Third Party Certificate

  We are trying to replace the Self-Signed FAST Search Certificate with Third Party Certificate in our SP 2010 environment. And are facing issues while enabling the SSL communication between the FAST servers and the corporate servers.
  Our FAST search servers are in a different farm than that of the Corporate Servers.
  The details of the certificate we received is as follows:
  Issued to : FastSearchCert
  Issued By: Issuer Name
  Valid From: 4/21/2015 to 4/20/2017
  We were able to successfully renew the certificate on the FAST Search Server by following the below steps:
  1.  Login to the Administrative and the Non-Administrative nodes 
  of the FAST server. Go to Windows Service and stop the FAST Search for SharePoint and the FAST Search for SharePoint Monitoring services in both the servers.
  Follow the below steps in the Administrative Node followed by the Non-Administrative Node
  2. 
  Install the certificate in the following paths in the certificate store:
  “Certificates(Local Computer)\Personal”
  “Certificates(Local Computer)\Trusted Root Certification Authorities”
  3. Ensure that the user account configured for the “FAST Search Server 2010 for SharePoint” has access to the private key of the certificate.
  4. Go the Administrative node of the FAST farm and follow the below steps:
  Go to the certificate store.
  Expand the Personal folder and then click the Certificates folder. Double-click the third party signed FAST certificate.
  Open the Details tab and then click Thumbprint. Note down this thumbprint.
  5. Next, open
  Microsoft FAST Search Server 2010 for SharePoint with Administrator
  Privileges.
  6.
  Navigate to the directory, “D:\FASTSearch\installer\scripts” and execute the below command to replace the current certificate with the newly created
  third party signed FAST certificate.
  .\ReplaceDefaultCertificate.ps1 -thumbprint "certificate thumbprint".
  7. The FAST certificate was renewed successfully.
  Once the certificate has been renewed successfully in both the nodes, follow the below step:
  8. Start the FASTSearch for SharePoint and the FAST Search
  for SharePoint Monitoring services in the administrator server.
  Next, while enabling the SSL communication between the FAST servers and the other corporate servers, we follow the below steps:
  1. 
  Copy the new certificate from any of the FAST servers to all the web-front end and application servers in the corporate farm, in order to enable SSL communication between these servers and the FAST farm.
  2.   Also, copy the script
  ‘SecureFASTSearchConnector.ps1’ from the location “%FASTSearchFolder%\installer\scripts” in the FAST servers 
  to the web-front end and application servers of the corporate farm.
  3.  Follow the below steps on each of the servers in the corporate farm:
  Open ‘SharePoint 2010 Management Shell’ with administrator privileges and navigate to the directory in which
  SecureFASTSearchConnector.ps1’ script is located.
  And then, execute the below command:
   .\SecureFASTSearchConnector.ps1 -certThumbprint "certificate thumbprint" –ssaName “FASTCibtebtSSA” –username “DOMAIN\SP_Farm”
   Where,
  -certThumbprint 
  - Thumbprint of the certificate
  -ssaName – FAST Content SSA
  -username – The account configured to run the SharePoint
  Search Service
  On execution of the above command, we receive an error message stating that the "Connection to the Content Distributor servername.corp.abc.org: 14391 could not be validated...instance of FAST search server backend is running"
  Please help us resolve this issue. We have not been able to find the cause of the above error for a long time.
  Any help is much appreciated.

  Your tip on exporting from eDir to locate a missing private key was very helpful. Here are my steps to renew an expired third party certificate when the private key, generated 30 months ago in my case, could not be located.
  In iManager, browse the tree and locate the likely certificate object. The Attributes for the object show Subject Name = webmail.acme.com. Selected the certificate and exported to webmailcert.pfx.
  Then, the openssl commands in TID 7004039, "How to convert a SSL PFX to a PEM file", were run against the .pfx file to create cert.pem, key.pem and server.key files.
  TID 7015500, "How to determine if private key belongs to public key (certificate)", was followed to determine if the public key (downloaded from third party) and private key (just retrieved from iManager) match - they did - that is, the private key converted from webmailcert.pfx matches the downloaded certificate.
  TID 7013103, "How to create a .pem File for SSL certificate Installations", was followed to manually create a server.pem file using openssl.
  TID 7010584, "How to setup SSL Certificate for Apache", part labeled "Additional Information" was followed to modify /etc/apache2/vhosts.d/vhost-ssl.conf file. Server.pem file created above copied to /etc/apache2/ssl.crt/ and /etc/ssl/servercerts/ directories as specified in vhost-ssl.conf.
  Restarted apache2.
  www.digicert.com has an SSL Certificate Checker that can be used to verify the installation is successful.

• How to integrate single sign on with third party system

  we are in the process of implementing istore application. we already have home grown isupport application to contact support personnal for any issues. Now we are wondering how do we integrate oracle applications single sign on with our third pary system. Is there any recommendation provided by oracle to achieve the same.

  We too are in the process of implementing iStore with SSO features.
  And if you believe me it seems to me as nightmare.
  In our scenerio we are intgrating this SSO with Third party access control too (AD and Siteminder). I would request you to please respond me on the following mail id , so we can share our experince which will help us in our implementation
  [email protected]
  regards and thanks in advance
  Vikas Deep

• Cannot find embedded third-party .class in my own signed .cab

  Hello,
  This is complicated.
  I'm building an applet that operates a piece of hardware on a PC (think Win32-only.) A third-party provider (henceforth referred to as TPP) provides software drivers that will be installed on client machines.
  ORIGINALLY the TPP provided a <client>.dll and a C/C++ SDK. To make the project work, I followed the article http://www.javaworld.com/javaworld/jw-10-1998/jw-10-apptowin32.html.
  I built <homegrown>.DLL using JNI, made a signed <homegrown>.cab, and the applet works just great on IE. However, I have to ditch the entire thing (see below.)
  Now the TPP is providing a Java SDK in a <client>.JAR. The SDK interfaces with a <client_jni>.dll.
  I can expect that the client machine will have <client>.dll and <client_jni>.dll installed in the \winnt\system32 (or whichever %SYSTEMROOT% directory.)
  So, I ditched the <homegrown>.dll, and built a new .cab. Now, to build the .cab, I took the contents of <client>.jar and dumped them into the same directory structure as the one I use to build <homegrown>.cab. Note that <client>.jar is not signed.
  So in other words, if you look at the exception below, I, in fact, do have a directory structure that contains: "com/IridianTech/PIDresult.class" and "com/panasonic/authenticam/LoginApplet.class"
  When I run the applet, it asks me if I want to run the signed applet. I click Yes. The Java Console responds with the following:
  Error loading class: com.IridianTech.PIDresult
  java.lang.NoClassDefFoundError
  java.lang.ClassNotFoundException: com.IridianTech.PIDresult
       at com/ms/vm/loader/URLClassLoader.loadClass (URLClassLoader.java)
       at java/lang/ClassLoader.loadClassInternal (ClassLoader.java)
       at com/panasonic/authenticam/PIDInterface.<init> (PIDInterface.java:12)
       at com/panasonic/authenticam/LoginApplet.init (LoginApplet.java:52)
       at com/ms/applet/AppletPanel.securedCall0 (AppletPanel.java)
       at com/ms/applet/AppletPanel.securedCall (AppletPanel.java)
       at com/ms/applet/AppletPanel.processSentEvent (AppletPanel.java)
       at com/ms/applet/AppletPanel.processSentEvent (AppletPanel.java)
       at com/ms/applet/AppletPanel.run (AppletPanel.java)
       at java/lang/Thread.run (Thread.java)
  I have looked at the contents of <homegrown>.cab with WinZip, and I can see PIDresult.class in the right place.
  HOW I AM TESTING: I have IBM Websphere running directly on my PC.
  TWO QUESTIONS:
  1. Do I need to sign the applet anymore, just to use a pre-installed client_jni.dll? (Probably)
  2. WHAT DO I DO??

  This is some code i'm using:
  <applet code="upload.class" archive="upload.jar" codebase="." width="500" height="200">
  <!--<param name="codebase" value="."> -->
  <param name="cabbase" value="upload.cab">
  <param name="button_text" value="Upload via HTTP">
  <param name="file_varname" value="filename_value"><!-- where is this for? -->
  <param name="upload_url" value="http://10.2.1.133/upload/recieve.php">
  </applet>

• How to generate csr for third party code signing cert?

  I've been reading about code signing, but can't see how to generate a csr to use with a third party CA. Does someone have a tutorial, link, suggestion?

  Hi,
  Here is an document which discussed on how to implement code signing with using third party certificate for you reference:
  http://download.microsoft.com/download/a/f/7/af7777e5-7dcd-4800-8a0a-b18336565f5b/best_practices.doc
  For further suggestions, it is recommend you to get further support in the MSDN Forum so that you can get the most qualified pool of respondents.
  http://social.msdn.microsoft.com/forums/en-US/categories/
  Thanks
  Tiger Li 
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

• How do I sign an IPA coming from a third party developer with our Distribution Profile?

  We have an app developed from a third party developer. We then received his IPA file.
  Upon uploading the IPA using Application Loader, we are getting this error,
  We tried sending our Mobile Developer and Distribution Provisioning Profiles to him, but he cannot build the IPA and told us he needs our Private Key (which we are not considering since we fear that he may be able to develop apps using our account).
  We tried manually signing the IPA using terminal but we are getting this error:
  What can we do?
  Thanks in advance!

  One of the 3rd-party Crystal Reports viewers listed at http://www.kenhamady.com/bookmarks.html provides a full command line API, so you can call a report from your app and pass parameter values, login info, etc.

• Signing in with Third Party Accounts

  So, I tried to sign into the HP ePrintCenter with my gmail and facebook accounts however I get this message "only third party accounts that have previously registered with the ePrintCenter can sign in" What does this mean and how do you register your account with the website?

  Hello User1246, sorry to find out that you are experiencing the problem;
  Is easy to sing in with your google account and others 3rd party accounts look for logo of the account in  in the left sign of the sign in button, just try in the HP eprint Center.
  If you are not experiencing this issue any longer,  May you let me know, for your time and courtesy,
  will be deeply graceful.
  RobertoR
  Remember=▼
  You can say THANKS by clicking the KUDOS STAR. If my suggestion resolves your issue Mark as a "SOLUTION" this way others can benefit Thanks in Advance!

• EPrintCent​er sign in using a third party account

  Product Name and Number
  HP Deskjet 3054A All-in-One Printer J611c
  Error message encountered.
  The ePrintCenter sign in page has Yahoo and Facebook sign in buttons but when I try to use those I get the following error message:
  "Only third party accounts that have previously registered with the ePrintCenter can sign in."
  My question is:
  How can I register my Yahoo & Facebook accounts with my existing ePrintCenter account? I can't find the appropriate settings menu within ePrintCenter.

  WSM should not affect the quality of your images. Have a look here for image optimization...
  http://roddymckay.com/PhotoSatellite/OptimizeImageFile.html