distribution of self-signed application

  • Question

  • Hi all,
    I've developed an application for Windows Mobile 6 able to self-upgrade by downloading a newer version of a DLL from a remote server and dynamically loading the new module. Signing the DLLs successfully prevents the security warning message during the upgrade.
    The distribution of the application is a bit unusual, because the aim is to ship the mobile phones with the software pre-installed to well-known users, rather than allow unknown users to download the software package from a server. Furthermore, the application upgrade is requested to be transparent to the user, with no warning messages and no expiration date.

    Given all this, we are thinking about making our own certificates with no expiration date (e.g. using makecert) and self-signing the application; it would agree with the requirements of the distribution and of the software upgrade and would save the cost of a third-party certificate. In your opinion, what are the main disadvantages and risks of this solution? In case it's safe to do self-signing, do you think a single certificate is good enough, or is it better to set up a root CA?

    Thank you very much for your help.

    Friday, February 26, 2010 9:17 AM

Answers

  • Hi Sigma2010,

    If we control all the devices, we can install our certificate in the privileged certificate stores. Only when the privileged certificate store contains the certificate your application is signed with can you run the application without any security warning.

    The following sample creates a CAB file and a PFX certificate file. The CAB file needs to be installed on the devices you control. The PFX file is used to sign the application.


    If you still have questions, please let me know.
     


    Best regards,
    Guang-Ming Bian - MSFT
    Please remember to mark the replies as answers if they help and unmark them if they provide no help
    Thursday, March 4, 2010 2:52 AM
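
The sample the answer refers to is not reproduced on this page. The following is an added example (not the thread's or Microsoft's code) that generates the provisioning XML such a CAB file would carry to place a signing certificate in the privileged store, assuming the Windows Mobile CertificateStore configuration service provider format; the function names and the `SAMPLE_DER` bytes are constructed for illustration.

```python
import base64
import hashlib
import re
from xml.sax.saxutils import quoteattr

# Store name as defined by the Windows Mobile CertificateStore CSP
# (assumed from the platform documentation, not taken from the thread).
PRIVILEGED_STORE = "Privileged Execution Trust Authorities"
_PEM_RE = re.compile(
    rb"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)


def to_der(cert_bytes: bytes) -> bytes:
    """Return DER bytes; accept either DER or a single PEM-armoured cert."""
    m = _PEM_RE.search(cert_bytes)
    if m:
        return base64.b64decode(b"".join(m.group(1).split()))
    if not cert_bytes.startswith(b"\x30"):  # DER cert is an ASN.1 SEQUENCE
        raise ValueError("input is neither PEM nor DER")
    return cert_bytes


def thumbprint(der: bytes) -> str:
    """SHA-1 over the DER encoding; the store keys each entry by this value."""
    return hashlib.sha1(der).hexdigest().upper()


def provisioning_xml(cert_bytes: bytes, store: str = PRIVILEGED_STORE) -> str:
    """Build the _setup.xml body that adds one certificate to `store`."""
    der = to_der(cert_bytes)
    encoded = base64.b64encode(der).decode("ascii")
    return (
        "<wap-provisioningdoc>\n"
        '  <characteristic type="CertificateStore">\n'
        f"    <characteristic type={quoteattr(store)}>\n"
        f'      <characteristic type="{thumbprint(der)}">\n'
        f'        <parm name="EncodedCertificate" value="{encoded}"/>\n'
        "      </characteristic>\n"
        "    </characteristic>\n"
        "  </characteristic>\n"
        "</wap-provisioningdoc>\n"
    )


# Constructed stand-in bytes (an ASN.1 SEQUENCE header plus filler), NOT a real
# certificate; replace with the .cer exported for your signing certificate.
SAMPLE_DER = b"\x30\x82\x00\x04demo"
```

Only the public certificate goes into this XML and onto the devices; the PFX holding the private key stays on the signing machine.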

All replies

  • Hi sigma2010,

    Please refer to this thread:
    http://social.msdn.microsoft.com/Forums/en/windowsmobiledev/thread/e54f2286-285d-4640-9541-08c397d700cd


    If we want to distribute our software on the WM platform, the best way is to buy a Mobile2Market certificate.



    Best regards,
    Guang-Ming Bian - MSFT
    Tuesday, March 2, 2010 8:27 AM
  • Hi Guang-Ming,

    Thank you for your answer. I read the thread you suggested. In the last comment, Joel Ivory Johnson says:

    "That [creating a new certificate to install as a trusted authority] would be fine if you are distributing applications to a set of devices that you control (ex: you manage devices in a small business and can install the certificate on all of them) but not so good for general software distribution."

    This is exactly my case: we want to distribute a limited number of devices on which we'll have full control (before shipping, of course); it will be possible to install our own certificates to avoid the security-warning message, which is the main issue, before shipping them. Do you think that even in this case buying a Mobile2Market certificate is the best way to distribute the software, rather than making our own certificates? If so, why? Are there other issues, security problems, ...?


    Best regards

    Tuesday, March 2, 2010 2:52 PM