In a previous post (BlackBerry Code Signing Help), I ran into problems signing my API Keys (.CSI files). Also in that post, I had trouble Requesting Signatures for my application. Both problems are now resolved and I was able to successy install my latest project onto my BlackBerry Storm. (My tweet-of-joy)
Instead of simply making this a “yippee” post, I’m going to provide details on how to sign your API keys and then how to request signatures for your application. I realize that BlackBerry provides instructions but they don’t seem too clear, at least they don’t to me.
Request Java Code Signing Keys
RIM requires that a developer register with them before he is allowed to access certain “sensitive” APIs. These APIs fall under three categories: Runtime APIs, BlackBerry Application APIs, and BlackBerry Cryptography APIs.
Registration is $20 and you can register online using the “BlackBerry Code Signing Keys Order Form.” For more details as to why RIM requires registration and for what specific APIs are controlled, visit the “Java Code Signing Keys” page.
Registering Your Keys with The Signing Authority
Once you have registered for your code signing keys, RIM will send you three files: a “client-RCR-#####.cod,” “client-RRT-#####.cod,” and a “client-RBB-#####.cod.” Each file will be sent in a different email. You can then follow the instructions in the “BlackBerry Signature Tool Developer Guide” (a PDF download).
This is where I ran into my first problem - when I double-clicked a .COD file, Windows did not know which application to open the file with. Please refer to my “BlackBerry Code Signing Help” article for instructions on how to resolve this issue.
Once you have successfully registered your keys with the signing authority two files will be generated - a “sigtool.db” and a “sigtool.csk.” These files will be placed in the same location as the “SignatureTool.jar” file.
If you have the BlackBerry JDE Plug-In for Eclipse and the BlackBerry JDE installed be very careful as the “sigtool.XXX” files may have been placed where you don’t expect! In my case, they were placed in the directory of the stand-alone JDE therefore the Eclipse plug-in couldn’t find them.
Signing Your Application Using the BlackBerry JDE Plug-In for Eclipse
To sign your application first make build it by going to Project >> Build Active BlackBerry Configuration. Next, go to BlackBerry >> Request Signatures this will bring up the “Signature Tool” window.
The Signature Tool window will contain multiple rows of data but you really care about the rows with a “Status” of “Not Registered” and a “Category” of “Required.” If the text in the “Status” field is red it means that the key mentioned in the “SignerID” column is missing or that the key hasn’t been registered. If the text in the “Status” field is navy blue it means that the key mentioned in the “SignerID” column exists and has been registered but the application has been signed with that key.
To sign your application (represented by a .COD file) click the “Request” button at the bottom of the “Signature Tool” window. You will then be prompted for your Private Key. Note that the Private Key is different from the Registration PIN you supplied to RIM.
Once your application is signed the “Status” fields will read “Signed” and they will be green in color. You are now ready to deploy your application to a real BlackBerry.
Remember that each time you build your application a new COD file is generated and it will need to be signed again before the application can be deployed to a BlackBerry device.
I hope this article provides you some guidance as you get started in developing BlackBerry applications. If you have any comments please feel free to email me or post a comment.