1 <?xml version="1.0" encoding="utf-8"?>

     2 <!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->

     3 <!-- This component and the accompanying materials are made available under the terms of the License 

     4 "Eclipse Public License v1.0" which accompanies this distribution, 

     5 and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->

     6 <!-- Initial Contributors:

     7     Nokia Corporation - initial contribution.

     8 Contributors: 

     9 -->

    10 <!DOCTYPE task

    11   PUBLIC "-//OASIS//DTD DITA Task//EN" "task.dtd">

    12 <task id="GUID-D45A4AE9-4169-4466-B02B-629B15C3E9AA" xml:lang="en"><title>MakeKeys

    13 Tutorial</title><shortdesc>The MakeKeys tool is a PC-side stand-alone tool that helps you

    14 to create a private key-public key pair and generate certificate requests.</shortdesc><prolog><metadata><keywords/></metadata></prolog><taskbody>

    15 <context>       <p>The following diagram illustrates the procedure for creating

    16 a private key, self-signed certificate and a certificate request file. </p><fig id="GUID-BA4923AA-EEFF-43BA-B8BE-F56EE18EB6EA">

    17 <image href="GUID-C253D792-7470-5D9F-B39B-1CF42438215A_d0e20859_href.png" placement="inline"/>

    18 </fig></context>

    19 <steps-unordered>

    20 <step id="GUID-85270875-54F4-4212-85C6-7F452EA12C02"><cmd><xref href="GUID-55A6DA94-FAE6-442D-BBA8-82F92D4C63F2.dita">Creating

    21 a private key and self signed certificate</xref></cmd>

    22 </step>

    23 <step id="GUID-8E0FE187-0E5E-4FEB-BBFB-FD33AD39AB0B"><cmd><xref href="GUID-1747534D-063A-45B0-8636-E7767F984BB0.dita">Generating

    24 a certificate request</xref></cmd>

    25 </step>

    26 <step id="GUID-A05827C0-BAD5-430E-A5E1-7FEC3A1D974B"><cmd><xref href="GUID-6CC45734-E497-40A7-AB23-37A24EBAF339.dita">Viewing

    27 certificate details</xref></cmd>

    28 </step>

    29 </steps-unordered>

    30 <postreq><ul>

    31 <li><p>The private key can be specified as an argument while signing an installation

    32 file using the SignSIS tool. For details, see <xref href="GUID-B20EE8A3-D7B2-5872-AF43-001A88C1A46E.dita">SignSIS</xref>.</p></li>

    33 <li><p>Symbian developer must send the certificate request to a trusted third

    34 party, that is, a Certificate Authority (CA) for signing. </p><p>The CA verifies

    35 the identity of the originator of the certificate request. After verification,

    36 the CA signs the public key (contained in the certificate request) using the

    37 CA's private key and creates a signed certificate. This signed certificate

    38 is then sent back to the applicant.</p><p>The CA can return a single certificate

    39 or a file containing a chain of certificates. This includes intermediate certificates

    40 in addition to the CA's root certificate and the Symbian developer certificate.

    41  </p><note type="important">Certificates returned by CA must be in the base64

    42 encoded ASCII format.</note></li>

    43 <li><p>The digital certificate returned by the CA must be bundled with the

    44 installation file to allow the digital signature to be verified. The self-signed

    45 certificate can then be discarded.  </p></li>

    46 </ul></postreq>

    47 </taskbody><related-links>

    48 <link href="GUID-2861F3D9-875E-5AB3-9600-B328F042CC38.dita"><linktext>MakeKeys

    49 Overview</linktext></link>

    50 <link href="GUID-557BF1DA-B6E8-521B-89F0-15C84E3BCB1A.dita"><linktext>MakeKeys

    51 Reference</linktext></link>

    52 </related-links></task>