verisign ca分类_使用Verisign和NetBeans签名J2ME应用程序-CSDN博客

verisign ca分类

This was posted to the Netbeans forum a Feb, 2010 and I also sent it to Verisign. Who didn't help much in my struggles to get my application signed.

这是在2010年2月发布到Netbeans论坛的，我也将其发送给了Verisign。谁在为我的应用程序签名提供帮助方面没有太大帮助。

------------------------- Start

-------------------------开始

The idea here is to target your cell phones with

这里的想法是针对您的手机

the correct certificate. Some phones have VeriSign Class 3,

正确的证书。有些手机具有VeriSign Class 3，

some have just VeriSign....,

有些只是VeriSign。

The point is just because it says VeriSign, doesn't mean your

关键是因为它说的是VeriSign，并不意味着您的

VeriSign Class 3 certificate that accompanies your J2ME application

J2ME应用程序随附的VeriSign 3类证书

will work.

将工作。

A .csr file is an ASCII file

.csr文件是ASCII文件

csr = Certificate Signing Request

csr =证书签名请求

A .ks file is a binary file

.ks文件是二进制文件

ks = keystore

ks =密钥库

You can use the JAVA JDK keytool or the JAVA ME 3.0 tool mekeytool

您可以使用JAVA JDK键盘工具或JAVA ME 3.0工具mekeytool

1. Create a keystore

1.创建一个密钥库

To generate a public/private key pair, enter the following command,

要生成公钥/私钥对，请输入以下命令，

specifying a name for your keystore and an alias as well

指定密钥库的名称以及别名

keytool -genkey -keyalg rsa -keystore XXXX.ks -alias <alias_name>

keytool -genkey -keyalg rsa -keystore XXXX.ks -alias <别名>

Answer all of the questions, write them down or take a snapshot.

回答所有问题，写下来或快照。

You will use the XXXX.ks file later when VeriSign sends back your

稍后，当VeriSign发回您的文件时，您将使用XXXX.ks文件。

Class 3 CSR

3级企业社会责任

2. Generate a Certificate Signing Request

2.生成证书签名请求

keytool –certreq –file certreq.csr –keystore XXXX.ks -alias <alias_name>

keytool –certreq –文件certreq.csr –keystore XXXX.ks -alias <别名>

File certreq.csr looks something like this:

文件certreq.csr看起来像这样：

-----BEGIN NEW CERTIFICATE REQUEST-----

-----开始新证书请求-----

MIIBtzCCASACAQAwdzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFzAVBgNVBAcT

MIIBtzCCASACAQAwdzELMAkGA1 UEBhMCVVMx EzARBgNVBA gTCkNhbGlm b3JuaWExFz AVBgNVBAcT

............

-----END NEW CERTIFICATE REQUEST-----

-----结束新证书请求-----

3. Fill out the enrollment form with VeriSign

3.使用VeriSign填写注册表格

Paste the contents of the CSR file certreq.csr when asked.

询问时粘贴CSR文件certreq.csr的内容。

4. Create a folder named master

4.创建一个名为master的文件夹

Copy all of the files into master

将所有文件复制到主文件中

Leave them alone and use only in case of emergency

别管它们，仅在紧急情况下使用

5. A few days later you receive an EMAIL from VeriSign that you have been approved.

5.几天后，您收到VeriSign的电子邮件，该电子邮件已被批准。

Your certificate OR INTERMEDIATE CA looks something like this:

您的证书或中级CA看起来像这样：

-----BEGIN NEW CERTIFICATE REQUEST-----

-----开始新证书请求-----

MIAGCSqGSIb3DQEHAqCAMIACAQExADALBgkqhkiG9w0BBwGggDCCBOswggPToAMC

MIAGCSqGSIb3DQEHAqCAMIACAQ ExADALBgkq hkiG9w0BBw GggDCCBOsw ggPToAMC

............

-----END NEW CERTIFICATE REQUEST-----

-----结束新证书请求-----

It's a Class 3 certificate.

这是3级证书。

Save the EMAIL to a file named verisign_class3.csr in the same

将EMAIL保存到同一目录中名为verisign_class3.csr的文件中

folder as your other 2 files.

文件夹作为其他2个文件。

Edit the file. I used PSPAD.

编辑文件。我使用了PSPAD。

Delete all of the material up to the line that says

删除所有材料，直到显示以下内容的行

-----BEGIN NEW CERTIFICATE REQUEST-----

-----开始新证书请求-----

Make sure each line does not have any spaces at end.

确保每行末尾没有空格。

Go to bottom of file.

转到文件底部。

Make sure it ends in

确保它以

-----END NEW CERTIFICATE REQUEST-----

-----结束新证书请求-----

Make sure NO NEW LINE is after the END NEW CERTIFICATE line

确保没有新行在END NEW CERTIFICATE行之后

6. Now you will IMPORT your verisign_class3.csr file into your binary

6.现在，您将把您的verisign_class3.csr文件导入到二进制文件中

XXXX.ks file.

XXXX.ks文件。

Use this command

使用此命令

keytool -import -alias <alias_name> -trustcacerts -file verisign_class3.csr -keystore XXXX.ks

keytool-导入-alias <别名> -trustcacerts-文件verisign_class3.csr -keystore XXXX.ks

The tool will prompt you for the password you created back in step 1.

该工具将提示您输入在步骤1中创建的密码。

If you edited and saved the verisign_class3.csr correctly, your KS file

如果正确编辑并保存了verisign_class3.csr，则KS文件

will have grown 2-3 times its size. And the message will be:

将会增长到其大小的2-3倍。消息将是：

"Certificate reply was installed in keystore"

“证书答复已安装在密钥库中”

If you did not edit the file correctly, you may get an

如果您未正确编辑文件，则可能会收到一个

error like this:

像这样的错误：

"keytool error: java.security.cert.CertificateParsingException:

“ keytool错误：java.security.cert.Certifi cateParsin 异常：

invalid DER-encoded certificate data"

无效的DER编码的证书数据”

You can always view the internals of your KS file by issuing this command:

您始终可以通过发出以下命令来查看KS文件的内部信息：

keytool -list -v -keystore XXXX.ks

keytool-列表-v -keystore XXXX.ks

If you make a mistake check your .KS files timestamp/size and make sure you did not corrupt anything. if the timestamp/size was altered and

如果输入有误，请检查.KS文件的时间戳/大小，并确保未损坏任何文件。如果时间戳记/大小已更改，并且

you got an error; then it's more than likely corrupted.

你有一个错误；那么它很可能已损坏。

If so, simply copy your backup from the master folder and start again.

如果是这样，只需从主文件夹复制备份，然后重新开始。

One comment about the command keytool -import.

关于命令keytool -import的一条评论。

I have seen some documents

我看过一些文件

show the -alias come before the -trustcerts. I have seen

显示-alias在-trustcerts之前。我见过

some examples with -trustcerts before the -alias. I do know that the

在-alias之前使用-trustcerts的一些示例。我确实知道

one above works.

以上一项。

Another comment about the contents of the EMAIL. Copy/paste to

关于EMAIL内容的另一条评论。复制/粘贴到

another file didn't work. Drove me crazy. Saving the contents directly

另一个文件不起作用。让我发疯。直接保存内容

to disk and removing all lines around the BEGIN/END worked.

到磁盘并删除BEGIN / END周围的所有行都有效。

================

Congratulations, you're done with the certificate.

恭喜，您已经完成证书。

Now what?

怎么办？

Get the certificate into your JAD file.

将证书放入您的JAD文件。

1. Open up your NetBeans project

1.打开您的NetBeans项目

2. Highlight your project and look for properties

2.突出显示您的项目并查找属性

3. Select the Signing node

3.选择“签名”节点

4. Check the box "Sign Distribution"

4.选中“标志分配”框

5. Click button "Open Keystore Manager"

5.单击按钮“打开密钥库管理器”

6. Press button "Add Keystore..."

6.按下按钮“添加密钥库...”

7. Select radio button "Add existing keystore"

7.选择单选按钮“添加现有密钥库”

8. Locate your XXXX.ks file with the browse button

8.使用浏览按钮找到XXXX.ks文件。

9. Click Unlock to show the alias you entered in step 1.

9.单击解锁以显示您在步骤1中输入的别名。

10. Close the dialog window

10.关闭对话框窗口

11. Use the dropdown to select your XXXX.ks file

11.使用下拉列表选择XXXX.ks文件

12. And select your alias.

12.然后选择您的别名。

13. Rebuild

13.重建

14. Deploy

14.部署

Note that you will be asked your password that you set up in the previous

请注意，系统会询问您在上一个步骤中设置的密码

steps above.

以上步骤。

15. Check your JAD file, looks something like this:

15.检查您的JAD文件，如下所示：

MIDlet-Certificate-1-1: MIIE6z...

MIDlet-Certificate-1-1：MIIE6z ...

MIDlet-Certificate-1-2: MIIE/D...

MIDlet-Certificate-1-2：MIIE / D ...

MIDlet-Certificate-1-3: MIICPD...

MIDlet-Certificate-1-3：MIICPD ...

MIDlet-Jar-RSA-SHA1: NPr....

MIDlet-Jar-RSA-SHA1：NPr ....

Note the line

注意行

MIDlet-Permissions:

MIDlet-权限：

You did select the correct permissions before building?

您在构建之前是否选择了正确的权限？

16. Download to the phone.

16.下载到手机。

17. Test it out.

17.测试一下。

------------------- End

- - - - - - - - - - 结束

翻译自: https://www.experts-exchange.com/articles/3001/Signing-your-J2ME-application-using-Verisign-and-NetBeans.html

verisign ca分类