Creating a Private Key and Self Signed Certificate

Run MakeKeys at the command prompt using the -cert option.

The following is the syntax:

> makekeys -cert [-v] [-expdays <cert-expiry-in-days>] [-password <password>] [-len <key-length>] -dname <distinguished-name-string> <private-key-file> <public-key-cert>
Important: Specify a name for the output private key file with .key extension and output self-signed certificate file with .cer extension.

For example,

> makekeys -cert -expdays 3650 -password yourpassword -len 2048 -dname "CN=Symbian Foundation Developer O=Symbian Foundation C=GB" HelloWorld.key HelloWorld.cer


  • HelloWorld.key is the name of the output private key file that must be kept secret

  • HelloWorld.cer is the name of the output self-signed public key certificate that can be used to verify the digital signature.

SeeMakeKeys Reference for more information on the options and arguments that can be provided with the MakeKeys tool.

The self-signed certificate can be included in installation files and used to verify the digital signature with a matching private key. However, secure installation requires that the certificate containing the public key be digitally signed by a trusted third party. Therefore, a certificate request must be sent to the Certification Authority (CA) for signing. See Generating a Certificate Request for details about creating a certificate request.