Skip to main content

Signing Apps for Sprint

2 replies [Last post]
Anonymous

Hello All,

Has anyone delivered an off-deck, signed applicaton using restricted APIs
on Sprint?

I have read a number of posts on signing, and I have read the Sprint
Developer PDF tutorial on signing apps. I signed an app using the Sprint's
WTK.

But, I do not yet understand why I have to enable the developer root on my
device. I want to deliver signed apps using restricted APIs to devices off
deck. My customers will not have enabled a developer root on their devices.
Downloading a signed app to my own phone is no different than the
experience I want to give my customers.

The PDF tutorial on signing is very ambiguous. It says I need a Certificate
from Verisign, but it also says I don't need one-- I can use a 3 year
certificate built into the WTK.

It would make sense if the root developer certificate was only for testing,
but I need the Versign Certificate for deploying off deck to my customers.
Is that the case? The PDF doesn't make this clear one way or another.

Or, is the whole signing issue only applicable to apps that will be hosted
on Sprint's deck. For off deck apps, the only option is to go untrusted,
and forego access to the restricted APIs?

Sprint's tutorial PDF is really great for the mechanics of creating a
signed app, but it doesn't address any of the deployment issues.

Thank you for your reply.

Alan Weiler
developer@kallisto.com

===========================================================================
To unsubscribe, send email to listserv@java.sun.com and include in the body
of the message "signoff KVM-INTEREST". For general help, send email to
listserv@java.sun.com and include in the body of the message "help".

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Jliss-Viewsonics

You may also need a certificate from the phone manufacturer as well as Sprint for some of the API's. I know in the case of Motorola
they control some of the API's and you will need to get a certificate from them as well !

Jerome
jliss@viewsonicsinc.com

> -----Original Message-----
> From: A mailing list for KVM discussion
> [mailto:KVM-INTEREST@JAVA.SUN.COM]On Behalf Of Alan Weiler
> Sent: Sunday, September 23, 2007 3:22 PM
> To: KVM-INTEREST@JAVA.SUN.COM
> Subject: Signing Apps for Sprint
>
>
> Hello All,
>
> Has anyone delivered an off-deck, signed applicaton using restricted APIs
> on Sprint?
>
> I have read a number of posts on signing, and I have read the Sprint
> Developer PDF tutorial on signing apps. I signed an app using the Sprint's
> WTK.
>
> But, I do not yet understand why I have to enable the developer root on my
> device. I want to deliver signed apps using restricted APIs to devices off
> deck. My customers will not have enabled a developer root on their devices.
> Downloading a signed app to my own phone is no different than the
> experience I want to give my customers.
>
> The PDF tutorial on signing is very ambiguous. It says I need a Certificate
> from Verisign, but it also says I don't need one-- I can use a 3 year
> certificate built into the WTK.
>
> It would make sense if the root developer certificate was only for testing,
> but I need the Versign Certificate for deploying off deck to my customers.
> Is that the case? The PDF doesn't make this clear one way or another.
>
> Or, is the whole signing issue only applicable to apps that will be hosted
> on Sprint's deck. For off deck apps, the only option is to go untrusted,
> and forego access to the restricted APIs?
>
> Sprint's tutorial PDF is really great for the mechanics of creating a
> signed app, but it doesn't address any of the deployment issues.
>
> Thank you for your reply.
>
> Alan Weiler
> developer@kallisto.com
>
> ===========================================================================
> To unsubscribe, send email to listserv@java.sun.com and include in the body
> of the message "signoff KVM-INTEREST". For general help, send email to
> listserv@java.sun.com and include in the body of the message "help".

===========================================================================
To unsubscribe, send email to listserv@java.sun.com and include in the body
of the message "signoff KVM-INTEREST". For general help, send email to
listserv@java.sun.com and include in the body of the message "help".

Joe Bowbeer

On 9/23/07, Alan Weiler wrote:
>
> Or, is the whole signing issue only applicable to apps that will be hosted
> on Sprint's deck. For off deck apps, the only option is to go untrusted,
> and forego access to the restricted APIs?
>

Right on both counts.

When your app goes public, Sprint will sign it with their own cert.

You need a VeriSign cert for testing only, and the MIDlets signed by
that cert can only be installed on Sprint handsets that have been
enabled for development.

--
Joe Bowbeer

On 9/23/07, Alan Weiler wrote:
> Hello All,
>
> Has anyone delivered an off-deck, signed applicaton using restricted APIs
> on Sprint?
>
> I have read a number of posts on signing, and I have read the Sprint
> Developer PDF tutorial on signing apps. I signed an app using the Sprint's
> WTK.
>
> But, I do not yet understand why I have to enable the developer root on my
> device. I want to deliver signed apps using restricted APIs to devices off
> deck. My customers will not have enabled a developer root on their devices.
> Downloading a signed app to my own phone is no different than the
> experience I want to give my customers.
>
> The PDF tutorial on signing is very ambiguous. It says I need a Certificate
> from Verisign, but it also says I don't need one-- I can use a 3 year
> certificate built into the WTK.
>
> It would make sense if the root developer certificate was only for testing,
> but I need the Versign Certificate for deploying off deck to my customers.
> Is that the case? The PDF doesn't make this clear one way or another.
>
> Or, is the whole signing issue only applicable to apps that will be hosted
> on Sprint's deck. For off deck apps, the only option is to go untrusted,
> and forego access to the restricted APIs?
>
> Sprint's tutorial PDF is really great for the mechanics of creating a
> signed app, but it doesn't address any of the deployment issues.
>
> Thank you for your reply.
>
> Alan Weiler
> developer@kallisto.com
>

===========================================================================
To unsubscribe, send email to listserv@java.sun.com and include in the body
of the message "signoff KVM-INTEREST". For general help, send email to
listserv@java.sun.com and include in the body of the message "help".