开发者

Signing an adobe air application with an spc file

I recently purchased a digital certificate from GoDaddy to sign an adobe air application. GoDaddy, and probably some of the other CAs out there, deliver their cer开发者_运维百科tificates as SPC files. However, most of the information about compiling and signing an air application assumes you have a p12 file. I spent a while figuring out how to deal with this issue and thought it'd be good to share the process with the SO community. I will post an answer shortly.


The key to coming up with the correct method was understanding that a p12 file is a keystore - not just a certificate. A keystore contains the key and the certificate. When signing an adobe air app, you need to provide a keystore and not just a certificate. So, let me begin from the top.

Step 1: Create a keystore

keytool -genkey -alias codesigncert -keypass <yourkeypwd> -keyalg RSA -keysize 2048 -dname "CN=displayname,O=companyname,C=US,ST=state,L=city" -keystore codesignstore -storepass <yourstorepwd>

Step 2: Create a certificate request

keytool -certreq -v -alias codesigncert -file mycsr.pem -keystore codesignstore

Step 3: Purchase a certificate from a CA using the CSR created in the previous step. In my case, I downloaded the certificate as an SPC file.

Step 4: Add the certificate to your keystore

keytool -import -keystore codesignstore -storepass <yourstorepwd> -alias codesigncert -file mycert.spc

Step 5: Currently your keystore is a java key store (JKS). Convert this to PKCS12

keytool -importkeystore -srckeystore codesignstore -srcstoretype JKS -deststoretype PKCS12 -destkeystore codesignstore.p12

Step 6: Sign your app

adt -package -storetype pkcs12 -keystore codesignstore.p12 -storepass <yourstorepwd> -keypass <yourkeypwd> <name of output file> application.xml <path to root dir>

I think it's probably also possible to skip step 5 and perform step 6 using the JKS keystore. I didn't confirm that this works, however.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜