Symbian3/PDK/Source/GUID-55A6DA94-FAE6-442D-BBA8-82F92D4C63F2.dita
author Dominic Pinkman <dominic.pinkman@nokia.com>
Fri, 13 Aug 2010 16:47:46 +0100
changeset 14 578be2adaf3e
parent 5 f345bda72bc4
permissions -rw-r--r--
Week 32 contribution of PDK documentation content. See release notes for details. Fixes bug Bug 3582

<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License 
"Eclipse Public License v1.0" which accompanies this distribution, 
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
    Nokia Corporation - initial contribution.
Contributors: 
-->
<!DOCTYPE task
  PUBLIC "-//OASIS//DTD DITA Task//EN" "task.dtd">
<task id="GUID-55A6DA94-FAE6-442D-BBA8-82F92D4C63F2" xml:lang="en"><title>Creating
a Private Key and Self Signed Certificate</title><prolog><metadata><keywords/></metadata></prolog><taskbody>
<steps-unordered>
<step id="GUID-548F2317-948F-491D-BED4-1D83D6DF0520"><cmd>Run MakeKeys at
the command prompt using the <codeph>-cert</codeph> option. </cmd>
<info><p>The following is the syntax: </p><codeblock xml:space="preserve">&gt; makekeys -cert [-v] [-expdays &lt;cert-expiry-in-days&gt;] [-password &lt;password&gt;] [-len &lt;key-length&gt;] -dname &lt;distinguished-name-string&gt; &lt;private-key-file&gt; &lt;public-key-cert&gt;</codeblock><note type="important"> Specify a name for the output private key file with
.key extension and output self-signed certificate file with .cer extension.
 </note></info>
<stepxmp><p>For example, </p><codeblock xml:space="preserve">&gt; makekeys -cert -expdays 3650 -password yourpassword -len 2048 -dname "CN=Symbian Foundation Developer O=Symbian Foundation C=GB" HelloWorld.key HelloWorld.cer
</codeblock><p>Here, </p><ul>
<li><p><codeph>HelloWorld.key</codeph> is the name of the output private key
file that must be kept secret </p></li>
<li><p><codeph>HelloWorld.cer</codeph> is the name of the output self-signed
public key certificate that can be used to verify the digital signature.  </p></li>
</ul></stepxmp>
<info><p>See<xref href="GUID-557BF1DA-B6E8-521B-89F0-15C84E3BCB1A.dita">MakeKeys
Reference</xref> for more information on the options and arguments that can
be provided with the MakeKeys tool.  </p></info>
</step>
</steps-unordered>
<postreq><p>The self-signed certificate can be included in installation files
and used to verify the digital signature with a matching private key. However,
secure installation requires that the certificate containing the public key
be digitally signed by a trusted third party. Therefore, a certificate
request must be sent to the Certification Authority (CA) for signing. See <xref href="GUID-1747534D-063A-45B0-8636-E7767F984BB0.dita">Generating a Certificate
Request</xref> for details about creating a certificate request.</p></postreq>
</taskbody></task>