There's no reason to pay those people any $$ for a certificate for this purpose.
There are directions somewhere in the documentation you can follow. I think you can do it with keytool's -genkeypair command. Make VERY, VERY sure you do not lose either the keystore with the private key and cert, or the passwords that protect them. Let me repeat that: If you lose them, after you publish your app -- YOU ARE SCREWED. You should probably stop reading here, and go try it with keytool... ===== I had already set up my own private CA for other reasons, and I wanted my cert integrated with that. What I did is to download OpenSSL, and set up my own private CA, and use that to generate a certificate request, and signed it with the CA cert. I then packaged that into a PKCS#12 keystore (.p12), and imported that into my .jks keystore (for compatibility with the Java tools). Then, when I finally uploaded my app, I found I'd slightly miscalculated the # of days until the required expiration date (minimum of Oct 22, 2033), so I had to do it again. (That's when I found I'd somehow misrecorded the password for my CA cert -- so I had to do THAT again, too. OUCH!) But that's overkill. All you really need is a self-signed certificate and associated private key, in a .jks keystore. You don't even need a CA; I just did that to enable me to better track them. Just be VERY, VERY careful not to lose the private key or the passwords. If you lose them after you upload, you're basically screwed. (I wasn't in that situation, at least -- my cert and key would have been good for a couple decades). This somewhat simpler procedure should work for you, if you want more control over your certs than keytool gives you for some reason: openssl req -newkey rsa:2048 -sha1 -x509 -out foocert.pem -keyout fookey.pem -days 11000 (supply requested info, including new password) openssl pkcs12 -name "mykey" -inkey fookey.pem -in foocert.pem -export -out foo.p12 (Supply key password and new keystore password) keytool -importkeystore -v -srckeystore foo.p12 -srcstoretype pkcs12 - destkeystore foo.jks (supply passwords) keytool -keypasswd -alias mykey -keystore foo.jks (Supply keystore and new key passwords) I don't know why every cryptography tool I've ever used has been such a pain to use, even if you know exactly what you want to accomplish cryptography-wise! On Mar 22, 11:47 pm, ABhi <[email protected]> wrote: > Hi, > > I've this doubt regarding the certification authorities that Android > phone supports. > > With my previous experience with J2ME, which states that some of the > phones doesn't support thawt, while some other doesn't support > verisign and so on. Net, net, there wasn't any certification authority > which was supported by all the devices. > > Now before diving Android development, i wanted to find out which > certification i should buy which would help me sign my final > application and will be allowed in Android market. > > Please help me answer below queries. > > 1. Which SSL certificates are supported to access my website through > android phone? > > 2. With which certification authority i should sign my application in > order to let it run on all the android phone. > > Thanks in Advance & Regards, > Abhishek -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en To unsubscribe from this group, send email to android-developers+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
