Real devices have similar lists of root certificates, although they cannot usually be modified by the user. When you want to deploy your application on a real device, you’ll have to use signing keys issued by a certificate authority whose root certificate is present on the device. Otherwise, the device will be unable to verify your application.
While you’re developing your application, the toolkit’s certificate management utility provides a convenient way to manipulate the emulator’s list of root certificates for testing purposes.
Choose File > Utilities... from the KToolbar menu. Click on the Manage
Certificates button to open up the certificate manager window.
FIGURE 28 The certificate manager
Each certificate is shown as a single line in the left part of the window, the Certificate List. When you click on a certificate, its details are shown in the right part of the window. You’ll also see the certificate’s associated protection domain.
6.5.1Importing Certificates
You can import certficates either from certificate files or from J2SE keystore files.
To import a certificate from a file, click on Import Certificate... in the certificate manager window. After you locate the certificate file, choose which protection domain is associated with the certificate.
To import a certificate from a J2SE keystore, choose Action > Import J2SE Certificate from the menu in the certificate manager window. First, choose a protection domain for the certificate. Then select the keystore file and enter the keystore password. Finally, select the alias for the certificate you wish to import.
Chapter 6 Security and MIDlet Signing 55
