Skip to Main Content

Embedded Technologies


For appeals, questions and feedback, please email

How to use a Ca signed certificate for code signing in eclipse

3345501Nov 22 2016 — edited Nov 22 2016

eclipse neon sp1

Java 8 / javaMe 8

The Keystore contains 3 certificate entries: The certificate of the issuer ca, the codesigner certificate generated with openssl signed by issuer ca and a self signed certificate generated with the create new key pair button labeled: "me signer".

The keystore is referenced from eclipse and on the page Java ME/signing all certificates hold by the store are visible.

simple test:

IMletDemo, application descriptor, security tab, "sign generated packages" is checked. For Sign Properties:key alias to use, only the self signed certificate can be selected. The others are not visible.


why? comparing the selfsigned cerificate and the openssl generated, w.r.t extensions and purpose both are identical! Of course the keys and hash are different, but this is normal I think.

doing a "keytool -list", the selfsigned certificate is labeled privateKeyEntry, while the other has the attribute trustedCertEntry. I hope this difference is not the cause and is due to the fact that one is selfsigned and the others have a correct certification chain. If this is not the case, please explain why!

Of course this is only half the way. More important would be to now, what kind of required permissions with what of value must be added to get the program working. Where can this information be found? Preferably with explications, to know what ist required and why it must be added. Background knowledge!

Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Dec 20 2016
Added on Nov 22 2016
1 comment