Self-Signed for User Grantable Permissions

A devCert from symbiansigned.com is not needed at all during development for the user grantable permissions:

LocalServices NetworkServices ReadUserData UserEnvironment WriteUserData

...and coming in 3rd FP2... the Location permission will be added to the user grantable list.

With self-signed you can sign a sis file to run on any phone. In this case the installer displays warnings, lists the requested permissions for the user to grant.

I have to confess I did not understand this after reading the materials and I suspect that many others are suffering from the same confusion. I thought that a devCert for each IMEI was needed for self-signing.

I think a lot of traffic coming to symbiansigned.com and many postings here could be eliminated if self-signed is promoted more prominently. The self-signed option is not even mentioned in "The Complete Guide to Symbian Signed" (2nd ed 11/07). Rather the guide encourages "developers" to pursue publisher IDs. It fails to mention the requests from individual developers are not valid.

Run makekeys one time on your PC to create a self-signing certificate.

[CODE]
makekeys -cert -password yourpassword -len 1024 -dname "CN=Test User OU=Development OR=Company CO=FI EM=test@company.com" mykey.key mycert.cer

signsis <application_name>.sis <application_name>.sisx <Path>\mycert.cer <Path>\mykey.key
[/CODE]

With Carbide C++ you can set the cert and key in a "Build Configration" in Project Properties instead of using signsis at the command line.

Note: I found I had to uninstall devCert signed app before I could install the self-signed version. Otherwise the installer reported "File Corrupted".

I would be really surprised for this to be a piece of news for any developer but a reminder does not hurt at all. ;)

The real problem is that we have developers like [URL="http://www.afischer-online.de/sos/celltrack/"]this[/URL] one and "useful" sites like [URL="http://www.gosymbian.com/forum/viewtopic.php?t=757"]this[/URL].

I would challenge anyone to find a sequence of links from [url]http://forum.nokia.com[/url] or [url]http://symbiansigned.com[/url] to proper guidance for self-signed; such that the reader is not first advised to obtain a devcert.

It would be interesting to know how many open-signed submissions only require the user grantable permissions.

From Getting Started section (SDK Help 3rd edition FP1: newest available devices)
First mention of self-signing states:

"[b]Self Signed Certificate[/b]
When an application requires [b]no capabilities[/b] or utilizes APIs which are open to all. This can be used when testing an application in one’s own device or when shipping the application."

See the problem? It says self-signed is for "no capabilities".

It tries to clarify "Note: If your application does not require capabilities beyond the group of APIs open to all, you do not necessarily need a Developer Certificate. In this case you can use a Self Signed Certificate."

But that is not clear at all. "APIs open to all" would seem to mean the unrestricted APIs that require no capabilities.

In the next section
"Before installing the .sis file of an application to the target device and testing it there, you need to [b]acquire a Symbian Developer Certificate[/b] (DevCert) for the target S60 device/devices in question."

[For the capabilities] "[b]Local Services, User Environment, Network Services[/b], Location, [b]Read User Data, Write User Data[/b], SWEvent, SurroundingsDD, ProtSrv, Power Mgmt"

[QUOTE=pzul_wisner;391301]I would challenge anyone to find a sequence of links from [url]http://forum.nokia.com[/url] or [url]http://symbiansigned.com[/url] to proper guidance for self-signed; such that the reader is not first advised to obtain a devcert. [/QUOTE]

'ere goes :)

[url]http://wiki.forum.nokia.com/index.php/How_to_sign_a_.Sis_file_with_Self-Sign_Certificate[/url]

I didn't say the information about self-signed didn't exist!

I am saying it is hard to find and that the reader is first told to get a DevCert.

Thanks Paul!!!

I agree it is not at all clear that for many capabilities it is possible to self-sign the applications.

I think this information should be made [B]a lot more [/B]evident. What about a sticky thread in this forum with a title like "When do you really need a certificate and when not"?

BTW it would also be useful to list when a certificate is actually required.

Best,
Enrico

I'll see what we can do. Symbian is now responsible for all the signing questions. Forum Nokia is referring all questions to Symbian so they may want the traffic to go there first. I'll see if they have a FAQ on their site or a link to it that I can post here.

Ron

Ron