Home > Uncategorized > SDK default key was used. To publish developer own key should be used with Registration file.

SDK default key was used. To publish developer own key should be used with Registration file.

If you submit an app to Tizen (Samsung Seller) and get this rejection back:

<Defect>
SDK default key was used. To publish developer own key should be used with Registration file
For more information, refer to IDE > Help Contents > Generating a certificate request
Or, Help Contents > Getting Started with Tizen wearable > Development Environment > Tizen SDK for wearable > Certificates
<Procedure>
<Expected Result>

Then it means that your Tizen app was not signed.

The procedure is as follows:

Generating a Certificate Request

There are 2 ways to generate a certificate request: you can make a certificate request from scratch, or you can use your existing Android keystore. When you develop a companion type application, the second option is better, since you must use the same author certificate for both the host and wearable application.

To make a certificate request from scratch to obtain an author certificate:

  1. Click the button on the Tizen IDE for Wearable toolbar.

    The Generate Certificate Request dialog opens.

  2. Enter the following information:

    • Mandatory information
      • Name
      • Email
      • Private key password
      • Password confirm
      • Developer type
      • Privilege level
      • DUID (Device Unique Identifier)
    • Optional information
      • Country
      • State
      • City
      • Organization
      • Department

To use your existing Android keystore to obtain an author certificate:

  1. Click the button on the Tizen IDE for Wearable toolbar.

    The Import Android Keystore and Generate Certificate Request dialog opens.

  2. Enter the following information:

    • Mandatory information
      • Alias

        Click Import, input the keystore with the password, and select the right alias.

      • Private key password
      • Name
      • Email
      • Developer type
      • Privilege level
      • DUID (Device Unique Identifier)
    • Optional information
      • Country
      • State
      • City
      • Organization
      • Department

Getting the DUID

To get the DUID (Device Unique Identifier):

  1. Connect your device to your host computer or launch the Emulator.
  2. In the Connection Explorer, check that the connected device or Emulator is visible.
  3. Select the device or Emulator, and click Properties.

    The DUID is visible on the Info panel

Sending a Certificate Request

You must first generate the developer key used for application signing and then send it for signing to the Samsung Developer Center. The following figure illustrates the registration process.

Figure: Sending a certificate request using PGP

 

To get the key signed, you must be encrypt it and send it to Samsung Developer Center using PGP (Pretty Good Privacy) encryption. You can generate your own PGP key using a PGP support tool. The tool normally generates a key pair consisting of a private key and public key.

Send your public key to gear2.sec@samsung.com with the encrypted request. After the Samsung Developer Center has signed it, you receive the registration XML file. Use your private key to decrypt the registration file.

The process and encryption tool required to generate the developer key vary depending on your operating system:

Signing the Developer Key (Windows®)

To send a developer key request to the Samsung Developer Center, you have to first encrypt the keys and email them using PGP (Pretty Good Privacy).

To send a developer key request to the Samsung Developer Center:

    1. To download the Gnu Privacy Assistant (GPA) PGP support application, go to www.gpg4win.org and download the GPA installer (gpg4win.exe). In the setup dialog, select the GPA component.

       

Other PGP tool support applications, such as Kleopatra, can be also used.
  1. To create your own PGP key:
    Note
    If you already have a PGP key, you can skip this step. You can use the existing key for the signing process.
    1. Launch the GPA application and go to Keys > New key.

       

    2. Enter your full name and the email address from which you are going to send your registration request.

    You have now created a PGP key, which you share with the Samsung Developer Center to initiate encrypted communication.

  2. To import the Samsung Developer Center PGP key:
    1. Go to a PGP key server, such as keyserver.pgp.com.

       

    2. Search the keys using the Samsung Developer Center email address (gear2.sec@samsung.com) or the key ID (4D8CE45C).

       

    3. To download the PGP key and save it on your system, click Download.

    4. Drag and drop the key directly to the GPA application or import it manually by going to Keys > Import Keys.

       

  3. To encrypt your developer certificate request:
      1. In the GPA application, go to Windows > File Manager.

         

      2. Click Open, select the created certificate request file (certificate-request.xml) from the /tizen-wearable-sdk-data/keystore directory, and click OK.
      3. Click Encrypt, select the Samsung Developer Center key named Gear2 Samsung from the Public Keys list, and click OK.
        Note
        Make sure the hidden attribute of the /tizen-wearable-sdk-data folder is not selected to show it in the GPA File Manager.
      4. Send the encrypted file (certificate-request.xml.gpg) and your public key to the Samsung Developer Center as an email attachment.

        In the mail, enter REQUEST FOR SIGNING as subject.

    Note
    PGP is not compatible with the Web mail system. Therefore, if you must encrypt your email message, go to Windows > Clipboard and paste your message in the clipboard window. To encrypt the message, click Encrypt and select the appropriate Samsung Developer Center key from the list.
  4. To decrypt your registration file after you receive it from the Samsung Developer Center:
    1. In the GPA application, go to Windows > File Manager.

       

    2. Click Open to find the files to decrypt. Select the file and click Decrypt.
    3. Enter your password to decrypt the registration file.

Registering Certificates

You can register an author certificate using the certificate-registeration.xml file received from the Samsung Developer Center.

To register a certificate:

  1. On the Tizen IDE for Wearable toolbar, click the Open icon button.

    The Register certificates dialog opens.

  2. Enter the certificate-registeration.xml file path.
  3. Enter your password.
  4. Click OK.

The author certificate and distributor certificate files are generated. A default security profile is also created.

Note

To install, without the Tizen IDE for Wearable, a wearable application on a wearable device on which no wearable applications have previously been installed:

  1. In the Connection Explorer, select the /home/developer folder.
  2. Copy the certificate-registration.xml file containing the DUID of the target device to the /home/developer folder of the Wearable device.

Adding Certificates to Security Profile

After registering, the author and distributor certificates are automatically added to the security profile.

To manually change the certificate settings:

  1. In the Tizen IDE for Wearable, go to Window > Preferences > Tizen SDK > Security Profiles.
  2. To add a signed profile, click Add in the Profiles panel.
  3. To edit the certificates:
    • In the Author Certificate panel, click Edit to set the author certificate path and password.
    • In the Distributor Certificates panel, select a certificate in the table and click Edit to modify the distributor certificate path and password.

Figure: Adding certificates

 

At least one distributor certificate is required and the default information is filled automatically when a profile is created. Another distributor certificate is optional and is used only for special purposes. In general, you are not required to modify distributor certificates.

 

– Then, click on the Profile, and click “set Active”, you will be prompted to clean all projects, and rebuild. (this last step wasn’t in the documentation)

To check if a WGT file is signed or not, then unzip the wgt file, and open the author-signature.xml file in a text editor, look for the X509Certificate node, and copy and paste it into http://www.sslshopper.com/certificate-decoder.html, you should see something like:

 

Certificate Information:

Common Name: Open Merchant Account Ltd
Organization: Open Merchant Account Ltd
Locality: Clonmany
State: Donegal
Country: IE
Valid From: October 31, 2012
Valid To: December 31, 2018
Issuer: Tizen Developers CA, Tizen Association
Key Size: 1024 bit
Serial Number: 0142c2e3a0f1

– I.e. the Common name should be your company, not Tizen.

 

 

Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: