Week 23 contribution of SDK documentation content. See release notes for details. Fixes bugs Bug 2714, Bug 462.
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE task
PUBLIC "-//OASIS//DTD DITA Task//EN" "task.dtd">
<task id="GUID-D45A4AE9-4169-4466-B02B-629B15C3E9AA" xml:lang="en"><title>MakeKeys
Tutorial</title><shortdesc>The MakeKeys tool is a PC-side stand-alone tool that helps you
to create a private key-public key pair and generate certificate requests.</shortdesc><prolog><metadata><keywords/></metadata></prolog><taskbody>
<context> <p>The following diagram illustrates the procedure for creating
a private key, self-signed certificate and a certificate request file. </p><fig id="GUID-BA4923AA-EEFF-43BA-B8BE-F56EE18EB6EA">
<image href="GUID-C253D792-7470-5D9F-B39B-1CF42438215A_d0e16601_href.png" placement="inline"/>
</fig></context>
<steps-unordered>
<step id="GUID-85270875-54F4-4212-85C6-7F452EA12C02"><cmd><xref href="GUID-55A6DA94-FAE6-442D-BBA8-82F92D4C63F2.dita">Creating
a private key and self signed certificate</xref></cmd>
</step>
<step id="GUID-8E0FE187-0E5E-4FEB-BBFB-FD33AD39AB0B"><cmd><xref href="GUID-1747534D-063A-45B0-8636-E7767F984BB0.dita">Generating
a certificate request</xref></cmd>
</step>
<step id="GUID-A05827C0-BAD5-430E-A5E1-7FEC3A1D974B"><cmd><xref href="GUID-6CC45734-E497-40A7-AB23-37A24EBAF339.dita">Viewing
certificate details</xref></cmd>
</step>
</steps-unordered>
<postreq><ul>
<li><p>The private key can be specified as an argument while signing an installation
file using the SignSIS tool. For details, see <xref href="GUID-B20EE8A3-D7B2-5872-AF43-001A88C1A46E.dita">SignSIS</xref>.</p></li>
<li><p>Symbian developer must send the certificate request to a trusted third
party, that is, a Certificate Authority (CA) for signing. </p><p>The CA verifies
the identity of the originator of the certificate request. After verification,
the CA signs the public key (contained in the certificate request) using the
CA's private key and creates a signed certificate. This signed certificate
is then sent back to the applicant.</p><p>The CA can return a single certificate
or a file containing a chain of certificates. This includes intermediate certificates
in addition to the CA's root certificate and the Symbian developer certificate.
</p><note type="important">Certificates returned by CA must be in the base64
encoded ASCII format.</note></li>
<li><p>The digital certificate returned by the CA must be bundled with the
installation file to allow the digital signature to be verified. The self-signed
certificate can then be discarded. </p></li>
</ul></postreq>
</taskbody><related-links>
<link href="GUID-2861F3D9-875E-5AB3-9600-B328F042CC38.dita"><linktext>MakeKeys
Overview</linktext></link>
<link href="GUID-557BF1DA-B6E8-521B-89F0-15C84E3BCB1A.dita"><linktext>MakeKeys
Reference</linktext></link>
</related-links></task>