How to create a private key and self signed certificate

The Certificate Generator may be used to create a private key, and a public key in the form of a self-signed certificate. The private key can then be used by the Installation File Generator to digitally sign an installation file. The self signed certificate can be used by the Certificate Generator to create a certificate request.

Invoke the Certificate Generator on the command line, specifying the name of the private key and certificate to be generated, and the given distinguished name string.

• The Certification Generator

• How to digitally sign an installation file

• How to create a secure digital certificate

• Package signature

The following command line creates a private key and a public key in the form of a self-signed certificate:

makekeys -cert -dname "CN=Symbian O=Symbian LTD C=GB" HelloWorld.key HelloWorld.cer

The -dname command passes a simple distinguished name string to Certificate Generator. The HelloWorld.key file is the private key file that belongs to the creator and must be kept secret. The HelloWorld.cer file is the self signed public key certificate that can be used to verify the digital signature.

• The private key may be specified to the Installation File Generator to digitally sign an installation file.

• For testing purposes, the self-signed certificate may be included in installation files, and used to verify that the digital signature was created using the matching private key. However secure installation requires that the certificate containing the public key be digitally signed by a trusted third party — this certificate may be obtained from a Certification Authority using a Certificate request.

• The private key and self-signed certificate created here may be used by the Certificate Generator to create a certificate request.