Digital Signing


Sign New Key Pair


To create a new Key Pair and sign it using the currently selected Key Pair:
  1. Right-click on the signing Key Pair entry in the KeyStore Entries table. Select the Sign sub-menu from the pop-up menu and from that Sign New Key Pair.
  2. If required the Unlock Entry dialog will be displayed. Enter the Key Pair entry's password and press the OK button.
  3. From that point on it works like generating a Key Pair.

Sign a CSR


To sign a CSR using a Key Pair:
  1. Right-click on the signing Key Pair entry in the KeyStore Entries table. Select the Sign sub-menu from the pop-up menu and from that Sign CSR.
  2. If required the Unlock Entry dialog will be displayed. Enter the Key Pair entry's password and press the OK button.
  3. The Choose CSR dialog is displayed. Select the drive and folder of the CSR to be signed.
  4. Type the filename into the File Name text box.
  5. Click on the Choose button.
  6. The CSR's signature will be automatically verified. If valid the Sign CSR dialog is displayed. Review the CSR details.
  7. Select a Version and Signature Algorithm and enter a Validity Period and Serial Number.
  8. Use the Browse button to select a CA Reply File.
  9. Optionally, for version 3 CA Reply, add certificate extensions by clicking on the Add Extensions button.
  10. Press the OK button to commence signing and produce the CA Reply.

Sign a JAR


To sign a JAR using a Key Pair:
  1. Right-click on the signing Key Pair entry in the KeyStore Entries table. Select the Sign sub-menu from the pop-up menu and from that Sign JAR.
  2. If required the Unlock Entry dialog will be displayed. Enter the Key Pair entry's password and press the OK button.
  3. The Sign JAR dialog is displayed.
  4. Use the top Browse button to select an Input JAR to be signed.
  5. To output the signed JAR to a different file from the Input JAR uncheck the Sign Directly check box and use the bottom Browse button to select an Output JAR. Otherwise the Input JAR will be signed directly.
  6. Enter a Signature Name and select a Signature Algorithm and a Digest Algorithm.
  7. Click on the OK button to commence signing.

Sign a MIDlet


To sign a MIDlet using a Key Pair:
  1. Right-click on the signing RSA Key Pair entry in the KeyStore Entries table. Select the Sign sub-menu from the pop-up menu and from that Sign MIDlet.
  2. If required the Unlock Entry dialog will be displayed. Enter the Key Pair entry's password and press the OK button.
  3. The Sign MIDlet dialog is displayed.
  4. Use the top Browse button to select the Input MIDlet JAD to be signed.
  5. To output the signed JAD to a different file from the Input MIDlet JAD uncheck the Sign Directly check box and use the middle Browse button to select the Output MIDlet JAD. Otherwise the Input MIDlet JAD will be signed directly.
  6. Use the bottom Browse button to select the MIDlet JAR.
  7. Click on the OK button to commence signing.
Note: DSA Key Pairs cannot be used to sign MIDlets. Only RSA Key Pairs are supported for this purpose.