from http://m-shaheen.blogspot.com/2009/07/1.html
MIDlet Signing process steps can be summarized into :
1. Generate public/private key pairs.
2. Generate Certificate Signing Request (CSR) and submit it to CA .
3. Sign the MIDLet with the certificate.
Software requirements
1. Sun java 2 SDK or JRE
2. Sun Wireless Tool Kit (WTK)
The steps are:
1. Generate public/private key pairs
a. Create a Keystore:
From command line Navigate to java 2 SDK bin directory and type the below command :
keytool -genkey -keyalg rsa -keystore <keystore_filename> -alias <alias_name>
it prompts you to enter a password for your keystore, your name, organization, and address.
b. List the generated keypairs
To see your generated keypairs entry ,type the below command :
keytool -keystore <keystore_filename> -list
2. Generate Certificate Signing Request (CSR) and submit it to CA :
You need to generate a (CSR) for the enrollment process.
a. generate CSR
Type the below command to create a CSR for the key pair in the keystore:
keytool –certreq –file <certreq_filename.csr> –keystore <keystore_filename> -alias <alias_name>
b. submit the generated CSR to CA
3. Sign the MIDLet with the certificate:
Once the CA has approved your request, you will receive the certificate, the steps are:
a. Import the certificate to your Keystore
Use the below command
keytool –import –trustcacerts –keystore <keystore_filename> -alias <alias_name> -file <cert_filename>
b. Sign the JAD file
Use JadTool utility to signs a JAR file by adding both of the certificate and the JAR file’s digital signature to the Java Application Descriptor (JAD) file, the process will be :
b.a. Adding the certificate to JAD
use JadTool.jar tadd the certificate as the value of an attribute named MIDlet-Certificate-m-n, where m is the number of the certificate chain, and n is an integer that, for new certificates, begins at one and increments by one each time you add a new certificate to the JAD file.
Java -jar %WTK_HOME%\bin\JadTool.jar -addcert -keystore <keystorename> -alias <aliasname> -storepass <password> -inputjad <input_jadfile> -outputjad <output_jadfile>
You should see the below attributes added to your output jad file
MIDlet-Certificate-1-1,MIDlet-Certificate-1-2,MIDlet-Certificate-1-3
b.b. Adding JAR’s digital signature to the JADGets the JAR’ digital signature, stores it as the value of the MIDlet-Jar-RSA-SHA1 attribute of the output JAD file.
java -jar %WTK_HOME%\bin\jadtool.jar -addjarsig -jarfile <jar_file> -keystore <keystorename> -alias <aliasname> -storepass <password> -keypass <password> -inputjad <input_jadfile> -outputjad <output_jadfile>
Where The default value for -jarfile is the MIDlet-Jar-URL property in the JAD file.
References:https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=AR185
https://knowledge.verisign.com/support/ssl-certificates-support/index?page=content&id=SO8381
http://java.sun.com/products/sjwtoolkit/wtk2.5.2/docs/UserGuide-html/commandline.html
http://java.sun.com/j2se/1.4/docs/tooldocs/win32/keytool.html
http://java.sun.com/javame/reference/docs/sjwc-2.2/pdf-html/html/tools/jadtool.html