Code Signing - development vs. Production

Similar Questions

• Problem with WebInspector: error: Code signing request failed car-development-Application Mode in the East of the demo is present and is not set [false].

  Hi, I have a problem running the webinspector on my dev alpha.

  Whenever I have create bar folder with the d flag, and then run the signature tool, I got the error message:

  Error: Code signing of the petition failed because Application-Development-Mode demo
  is is present and not set [false].

  How to solve this problem? If I generate the .bar without the flag - d, can I sign and execute on the device, but without web Inspector

  I found the error

  I just had to use the indicator g in bbwp and set my password

  and not reuse bbwp and then the signing tool

• Code signing keys can be used on more than a developer (different PC)?

  Hello

  I applied for a set of code a long time ago signing keys.

  I installed them on the JDE on my computer... and I was able to migrate them to my new computer always on the JDE, then on the eJDE thereafter.  I had a few problems of migration of these keys, but everything is working well now, I am able to sign my application.

  Now, I have a colleague who wants to develop an application using Widgets and there need code signing keys as well.  Can I just send my key itself?  Or he must apply to his own set of keys?

  In other words, the code signing keys used to identify a company or developer?

  Thank you!

  Each developer must have their own set of BlackBerry Code signing keys.  Sharing the key is against the license agreement.

• Code sign VISA raw driver USB for Windows 8

  Hi guys,.

  I wrote a LabVIEW program that communicates with a measuring using NI-VISA (class raw USB) USB device.
  With the development of Driver NI-VISA Wizard, I created two .inf files of drivers (for XP/2000 and 7/Vista).
  It works like a charm on my computer (Windows 7, 64-bit) and on the computers running Windows XP and 32-bit versions of Windows Vista and 7.
  I also have to work on 64 bit versions of Windows Vista and 7 using "disable driver signature enforcement" before installing the driver.
  Once the driver is installed, it is listed under "devices USB of NI-VISA" in the Windows Device Manager. After that I can reactivate the driver signature enforcement, the unit will continue to work, even after a reboot.

  Alas, in the 64-bit version of Windows 8 is not as simple as that. Yes, you can temporarily disable driver signing enforcement, but not on computers that use 'secure boot' or UEFI.
  I know that there are ways to disable booting UEFI's secure, but I don't want that on our customers computers. It seems wrong, and could introduce a large number of security problems.

  The next logical step would be to sign the device driver. Our company has a valid kernel mode code signing certificate and we signed the other drivers with it in the past.
  The problem is that I don't know how to sign my device in the NI-VISA database driver. According to the .inf file it uses WinUSB.sys, a Microsoft USB generic driver (part of the Windows Driver Kit, I think).
  Winusb.sys is already signed by Microsoft and that I could replace the signature, but that probably won't work without some tweaking inf and generate a new catalog file.

  Can someone please give me some pointers on where to start? As a reference, I have attached one of the inf files for this post. This inf file works on Windows Vista and 7.

  It is even possible to create a signed driver based on NI-VISA raw?

  Thanks in advance for your help.

  Paul

  Here's a knockout who described workaround.

  http://digital.NI.com/public.nsf/allkb/36DB8D6AC385052786257A940066A421

  What you have written, you need to generate a catalog (.cat) of the inf file (as described in step 1 of the KB) and then sign the .cat with your certificate file, the same way you would sign your other components. The inf and CAT are always distributed together. The inf file contains information about the cat file that has the signature, and the cat file contains the signature information. Since you have already been distributing the components signed with your own certificate, I'm sure you can understand the process, but please let us know if you have any other questions.

  Thank you

  Pankaj

• Process * \MCSHIELD. EXE the nest (428) contained code signed or corrupted and could not perform an operation with a McAfee driver.

  XP SP3 system

  I get warnings like this when Mcafee updates.

  Process * \MCSHIELD. EXE the nest (428) contained code signed or corrupted and could not perform an operation with a McAfee driver.

  Process * \SVCHOST. EXE the nest (1632) contained code signed or corrupted and could not perform an operation with a McAfee driver.

  Is this a problem Microsoft or Mcafee?

  Do I need to fix?

  In the McAfee forums, there are several similar positions such as:

  https://community.McAfee.com/message/241542

  I'll sue your question on in their community, as they already seem to know about it.

  I would also say that, unless you are very fond of McAfee or you are forced to use it, you plan to replace it with something that has a smaller footprint, uses less resources and doesn't have these problems - something like Microsoft Security Essentials, you can get here:

  http://Windows.Microsoft.com/en-us/Windows/Security-Essentials-download

  MSE completed with the free version of MBAM and SAS should permanently keep your clean enough unless you're a daredevil like me:

  Download, install, update and do a quick scan with these free malware detection programs (not at the same time) and remove all threats:

  Malwarebytes (MMFA): http://www.malwarebytes.org/products/malwarebytes_free
  SUPERAntiSpyware: (SAS): http://www.superantispyware.com/

  SAS will probably report a lot of tracking cookies and you can just let him delete them.

  Even if you keep McAfee, I always supplement it with MBAM and SAS since no single AV program does seem to know everything.  If your McAfee of your system is clean, I would interpret that means - McAfee found nothing, says he knows.  It is prudent to use more than a reputable scanner to get more coverage.

  If you choose to spend (and you can't have both at the same time), you must be sure to use the uninstaller that you can get from here:

  http://service.McAfee.com/FAQDocument.aspx?LC=1033&ID=TS101331

  Your system will give you better performance.

• Code signing request has failed because the service is temporarily unavailable

  cannot create debug token today. still not to print the message: Code signing request has failed because the service is temporarily unavailable. What is happen?

  Service has been done.
  http://supportforums.BlackBerry.com/T5/BlackBerry-world-development/app-signing-server-down/m-p/2669...
  Try again.

• Unity3D code signing issue

  Hello everyone, I'm new here.

  I just tried to get the keys to a game from the signature.

  I got the csk file, but no email with SJC files didn't follow.

  Is there something that I am missing?

  Unity3D requires files from the csj to sign for BB10.

  Can someone help with the process, please?

  The file bbidtoken.csk is a BlackBerry ID token, which is our new method for signing.

  You can still use the previous method used (files CSJ) code signing keys.  You can get them using this form: https://www.blackberry.com/SignedKeys/codesigning.html

  Choose the second option, which is: "For PlayBook apps BlackBerry BlackBerry 10 apps development using a 10.1 SDK or lower or SDK WebWorks BlackBerry 10 below 2.0."

• Code Signing - different version of the JDE

  I'm back-porting an application 4.2 to 4.0. I copied the files sigtool directory 'bin' JDE 4.2 in the 'bin' JDE 4.0 directory. However, when I try to sign the COD files, the operation fails. The 'detail' says:

  "The signature on the request of code signing did not check.  The probable cause of this problem is entered an incorrect password. »

  The password is correct and checked several times. There is another reason for this failure? Am I missing a step when you move files sigtool 4.2 back to 4.0?

  The original JDE (the application was developed on) is 4.2.1. One where I am signing is 4.0.2.

  This link explains the changes in version 4.3.0.  It is the only version of the Pack BlackBerry JDE/component where the format of these files has changed.

  What's – the Signature key format changes in BlackBerry JDE 4.3.0
  Article number: DB-00639

  http://www.BlackBerry.com/knowledgecenterpublic/livelink.exe/fetch/2000/348583/800738/800989/What_Is...

• problem on mac code signing

  Currently, I just have a problem concerning the signing of the app using webworks api for playbook.

  In particular, I already could package it in a bar in the file but just cannot sign.

  I followed all the instructions to

  1. http://docs.blackberry.com/en/developers/deliverables/23977/Configure_signing_for_tablet_application...

  2. http://docs.blackberry.com/en/developers/deliverables/23977/Sign_the_cod_file_for_a_BB_Widget_applic...

  And it seemed that I have successfully registered my account because I have the following message in my mailbox:

  An application for registration is completed successfully for the customer "xxx".  The client left or code xxx signing requests.

  The customer has returned the following message is displayed:

  Customer "xxx" registered successfully with the server ID RDK signature and now attempts remaining xxx code signing.

  Then when I run the command:. / bbwp ~/Dropbox/Interceptr.zip /gcsk /gp12 123456 123456 /buildId 1/o/Users/xxx/Desktop (I replaced my real pass in this email with string 123456)

  I had the rest of the console message:

  [INFO]       Parsing of the command line options

  [INFO]       Bbwp.properties analysis

  [INFO]       Validation of archive WebWorks

  [INFO]       The analysis of config.xml

  [WARNING]   Cannot find an element of

  [INFO]       The application of filling source

  [INFO]       Compiling applications WebWorks

  [INFO]       Packaging of the record bar

  [INFO]       Bar complete packaging

  [INFO]       Start signing tool

  error barsigner: developer certificate and private key not found in the keys file or store the password not supplied

  [ERROR]     Signature failed

  and using blackberry-signatory gives the same result:

  . / blackberry-sign-verbose - cskpass 123456 - keystore sigtool.p12 - storepass 123456 ~/Desktop/Interceptr.bar RDK

  error barsigner: developer certificate and private key not found in the keys file or store the password not supplied

  I wonder if anyone has any ideas on this subject?

  Here are the exact steps I followed. I tried twice and havn't seen the questions either WinXP or Win7

  updating PATH env variable to add all the paths to the tools

• BlackBerry - lost password code signing

  Could someone recover password lost for the signatory to the code? The PDF provides links to a support email where nobody has the faintest idea how to do that?

  No chance, someone of you found any help on the site of bb or service customer? It has been a month since I've been chasing these people for one simple password reset question.

  This is an old thread... but since it's one of the first results in a Google search, I wanted to bring an answer here.

  It is not possible to recover your password for BlackBerry Code signing keys.  However, you can choose a new if you reinstall your keys.  The first thing you need to do is to order a new set of keys (free) using the form below.

  https://www.BlackBerry.com/SignedKeys/

  Before installing your keys, find and delete the files below that will be present in the various BlackBerry development tools installation directories (location varies by tool).

  sigtool.DB

  sigtool. CSK

  sigtool. Set

  You will now be able to install your new CSI files and choose a new password.

• I forgot the password of the Code signing key

  Hi, I got the signature key (csk file) by registering on blackberry, but for some reason, I forgot my password... When I try to sign my code it ask me password... I googled a lot to find a way to recover my password, but no avail... Can someone please tell me how to recover my password for the key signature or any other way that i can reset my password... Any kind of help would be appreciated... Thanks in advance...

  This is an old thread... but since it's one of the first results in a Google search, I wanted to bring an answer here.

  It is not possible to recover your password for BlackBerry Code signing keys.  However, you can choose a new if you reinstall your keys.  The first thing you need to do is to order a new set of keys (free) using the form below.

  https://www.BlackBerry.com/SignedKeys/

  Before installing your keys, find and delete the files below that will be present in the various BlackBerry development tools installation directories (location varies by tool).

  sigtool.DB

  sigtool. CSK

  sigtool. Set

  You will now be able to install your new CSI files and choose a new password.

• Error = the Code signing request failed

  I'm trying to sign my application of webbworks for the playbook, but I cannot, here is the process of me, packaging and then try to sign. I can install non signed bar file fine but I can't seem to sign.

  "/ Users/mike/projects/blackberry playbook sdk/bbwp/bbwp" $build_folder "/ build.zip" ""

  [INFO]       Parsing of the command line options

  [INFO]       Bbwp.properties analysis

  [INFO]       Validation of archive WebWorks

  [INFO]       The analysis of config.xml

  [WARNING]    Cannot find an element of

  [INFO]       The application of filling source

  [INFO]       Compiling applications WebWorks

  [INFO]       Packaging of the record bar

  [INFO]       Bar complete packaging

  [INFO]       Packaging applications complete WebWorks

  "/ Users/mike/projects/blackberry playbook sdk/bbwp/blackberry-tablets-sdk/bin/blackberry-sign"-verbose - cskpass pass - keystore "/ users/mike/projects/blackberry playbook sdk/bbwp/bin/sigtool.p12"-storepass pass "$build_folder"/bin/build.bar RDK.

  TBS = developer certificate

  30 81 a0 c5 03 02 01 02 02 04 4 a3 82 99 30 0c d

  > barsigner error: Server error: Code signing request failed because this file was previously signed.

  This can be caused by trying to sign the same version of the application.  Try incrementing the value of the version property in your config.xml file (or use the command line parameter - buildId) and sign again.

• Cannot find the file .csi for code signing

  I'm new to the development for a Blackberry. I get the following error message when you try to build an application that uses a persistent store.

  WARNING! : reference to the class: net.rim.device.api.system.PersistentObject requires the signature with the key: RIM API implementation

  I found that I'm supposed to have a .csi file from when I registered with the area of the developer, but I'm not. Can I request a new one or what?

  Thank you

  Jason

  You can buy rim, code signing certificates.

  The process details are here: http://na.blackberry.com/eng/developers/javaappdev/codekeys.jsp

  Form of payment etc. is here: https://www.blackberry.com/SignedKeys/

  Once you have paid and submitted your application, it takes a few weeks to receive the keys. If you use eclipse, you can then install the keys in your IDE.

• What is the problem with the form of code signing?

  I would ask code signing for BB10, I go to https://www.blackberry.com/SignedKeys/codesigning.html BUT when I choose sign app for BB10, it always go to the BlackBerry ID login page

  A few months ago anymore, at least not in the way you have used for a signature key. Is now complete with your BlackBerry ID now, hence the need to connect. It used to be a sticky thread at the top of the Council of native development, but I see that they removed that now.

  Go here.

• Free code signing!

  I'm developing an application that requires code signing. The application would serve only on my device and nowhere else.

  I wanted to know if I could get a signing key, i.e. unique access. not massive key free of charge, just for development and deployment.

  Nokia already provides free certificates for the development of general use. Here are some details and a link that best describes.

  http://wiki.Forum.Nokia.com/index.php/S60_3rd_Edition:_Application_Development

  Depending on the features used in an S60 application, there are different ways to sign a request:

  1. Possibility of user: used in an application compatibility are granted during the installation and the application UID should in the unprotected range (0x80000000-0xFFFFFFFF). A developer can use SignSis command to sign a .sis file. Please note that the application can only use: LocalServices, ReadUserData, WriteUserData, NetworkServices, UserEnvironment (S60 3rd Edition FP2, a developer can also use location capability).
  2. Open signed without the Publisher ID: the user must register and sign in to www.symbiansigned.com to download .sis application file. After having successfully downloaded, a developer can get immediately the application signed by the Web site, and the developer can download it from the Web site. This is to test the goal and the signed application can be installed on a mobile device. At the signing, a developer must provide email address valid as well as the number of IMEI (serial number of the phone) device. The signed application is installable within 36 months, and this method is for development purposes.
  3. Open signed with the Publisher ID: a developer must buy a first of TC TrustCenterPublisher ID. For Chinese developers, a developer can go to WoSign for the purchase of a Publisher ID. With the Publisher ID, a developer can request a certificate of developer of the www.symbiansigned.com. Using the certificate, a developer can sign with SignSis command .sis file. This is to test the goal and the certificate is limited by the number of IMEI listed in the certificate (maximum 1000 IMEI numbers to date). This certificate is valid for 36 months, and this method is for development purposes.
  4. Express signed: a developer must have an ID of the Publisher first. The developer has go to www.symbiansigned.com website to connect, and pay 20 USD for such a signature by an application. After you have downloaded the files needed on the site. Immediately, the developer can get the application signed by the Web site, and the developer can download it from the Web site. The signed application is for commercial sales.
  5. Certified signed: a developer must have an ID of the Publisher first. After an application has been fully tested using the Open signed or self-signed method (the request must have a UID between 0x00000000-0x7FFFFFFF), the developer can send the request to one of the 3 named test houses world for detailed testing and little money has to be paid for such a test, although the price may vary a House to another test. After that the application has passed Symbian test criteria, the application may be signed for commercial use.
  6. Symbian signed for Nokia: one of the necessary applications for the pre-installation must pass from the Nokia test criteria, and a developer has to pay for such a test. It has more standards than signed certified, and it should be conducted by 3 named test houses in the world. Detailed information can be found at: www.symbiansigned.com. For developers, who need to use the capabilities of the manufacturer, the developer must present a valid reason to justify the objective of using the features. Once the application has been approved, the developer can use Open signed with the Publisher ID to obtain the certificate required for testing and development. This method is for commercial use
  !

  If a developer wants to sign an application Freeware , please see the article How to sign an application freeware

  RIM is going to take the details of the previous keys and those will be disabled and you get the new.