Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Adobe AIR Development

Reply
Developer
tensioncore
Posts: 323
Registered: ‎12-13-2010
My Device: Bold 9900/Z10 Special Edition
My Carrier: Rogers

Re: HOWTO: Sign your Applications from CMD

Wild how some are having a lot of problems and others it is done perfectly without any issues on the first try. I think this is good evidence the engineers need to make a GUI app for us to sign our apps with....or get on Adobe to get Burrito working for app signing.
CEO/Lead Developer - Tensioncore™ Design Studios
http://tncr.ws/ - ShortenThis!™ for Blackberry Playbook | ShortenThis!™ for BlackBerry® 10
The Periodical Toe A highly informative Table of Elements
DrawThis! A fun drawing app for the BlackBerry® PlayBook™!
http://www.tensioncore.com/ - Tensioncore™ Web Hosting
Please use plain text.
New Developer
killerspaz
Posts: 199
Registered: ‎12-29-2010
My Device: Not Specified

Re: HOWTO: Sign your Applications from CMD

[ Edited ]

So.. I have an issue that I can't figure out :smileyfrustrated:

 

When I built my PKCS12 key from FlashBuilder, i gave it a company name of "Company, Inc."

 

When I registered for the CSJ, I gave it the same thing...

 

When I tried signing however, i see

Code signing request failed because Package-Author in Manifest is not set to [Company  Inc.].

 

Notice that there's TWO spaces between COMPANY and INC... It's like it stripped out the comma and put in a space.

 

So my idea was to rebuild the PKCS12 key with the company name set to what my CSJ seems to be expecting.. I also updated my blackberry-tablet.xml file with the same value.

 

At this point, I can't get my app to compile for the life of me, and I get this error from ADT:

unable to retrieve key (password may be incorrect)

 

I know for a fact the password is correct - I can list/delete the key from the keytool app...

 

Attempting to use the java keytool instead of the included packaged blackberry-keytool, I use the same command, but get a different error stating that it's not an RSA key.. So I added -keyalg RSA to the command... NOW I get the error "not an X509 code-signing certificate"

 

They commands listed here, and at (http://docs.blackberry.com/en/developers/deliverables/23959/Signing_your_application_1422721_11.jsp) to generate keys are invalid - they absolutely DO NOT WORK for compiling your app.

 

Anyone done this extensively that can help me out? I'm stuck in limbo, with dead keys everywhere.

 

 

 

 

***UPDATE*** Ok, so I found an ADT command to generate a certificate, and wanted to compare the differences... Aside from the MD5/SHA1 keys, the difference were the dates it was valid for.

After scouring the documents, I see that when you generate with ADT is sets validity to 5 years.. once I changed this (1825 days for validity param) it compiled!

 

http://help.adobe.com/en_US/air/build/WSfffb011ac560372f-19aa73f128cc9f05e8-8000.html#WS5b3ccc516d4f...

 

 

Except NOW, when i try to do the 2nd signing, i get the error:

barsigner error: private key algorithm is not compatible with signature algorithm

Please use plain text.
New Developer
killerspaz
Posts: 199
Registered: ‎12-29-2010
My Device: Not Specified

Re: HOWTO: Sign your Applications from CMD

[ Edited ]

I'm REALLY frustrated, and can't figure this out.. it's been 3 hours of messing with this **bleep**, and I seriously feel like I just lost all chance at getting this into the store.

 

I feel this way cuz I can't resign my app, says it's already signed! Even if I generate a new BAR file it knows on the server it's signed --- so {word filter avoidance}

Please use plain text.
Developer
jtegen
Posts: 6,541
Registered: ‎10-27-2010
My Device: HTC One, PlayBook, LE Z10, DE Q10
My Carrier: Verizon

Re: HOWTO: Sign your Applications from CMD

It can be very frustrating.  Certain it made perfect sense to those that developed it.

Can you delete all the generated files and start over?

If that does not work, can you get a new CSJ file (re-request from BB) and start over at that point?

 

Please use plain text.
Developer
jtegen
Posts: 6,541
Registered: ‎10-27-2010
My Device: HTC One, PlayBook, LE Z10, DE Q10
My Carrier: Verizon

Re: HOWTO: Sign your Applications from CMD

"Its been signed" usually occurs because you need to change the version.

Please use plain text.
New Developer
killerspaz
Posts: 199
Registered: ‎12-29-2010
My Device: Not Specified

Re: HOWTO: Sign your Applications from CMD

[ Edited ]

So I changed the version like you said, and it resigned, but on the 2nd signing i still get the same error:

 

First Signing:

 

Connecting to url http://www.rim.net/Websigner/servlet/RDK-Waterloo
Sending properties to server...
Properties of response := [
Version = 1
Response = Signature Response
Confirm = Signing server ID RDK signed code file from client ID XXXXXXXX.
Error = null
]

 

Second Signing:

barsigner error: private key algorithm is not compatible with signature algorithm

 

 

I don't even know what that even means!? How can I sign on the server, but not sign the app!?

 

No matter if I generate the key myself from blackberry-keytool (with a LOT more options than the docs or this thread show, because they are incomplete to sign for regular AIR or deploying to windows/mac/linux), or if I use the ADT generate (and then I have to change the alias to author manually with blackberry-keytool) - I get this error.

 

Can maybe someone from Blackberry chime in here?

 

 

 

 

***ANOTHER UPDATE***

Ok... I'm beyond irritated.. hell, let's just call it pissed off.

 

I decided to break apart my build process, and stop building AIR/Desktop versions of my app.

When doing so, I can still generate my bar file, and then signing works fine.

 

I can either get a key from blackberry-keytool to work for compiling air, or for signing the bar, but NOT BOTH.

This is NOT acceptable! Is there something I'm missing? Or is Blackberry incompetent about the concept of deploying to multiple targets?

Please use plain text.
Developer
JRab
Posts: 2,462
Registered: ‎11-04-2010
My Device: Bold 9700

Re: HOWTO: Sign your Applications from CMD

quick question, when you say ADT, do you mean the blackberry-* toolset or the actual adobe air packager thats called ADT? and you said you used the java device signing command line in some parts (from what i read). or did i read that wrong?

 

from what its looking like, your best bet will be to request a new set of keys (csj file) from RIM. this time making sure you only use alpha numeric characters in every field and no puncuations or special characters. Good luck!

J. Rab (Blog) (Twitter)
--
1. If you liked my post or found it useful please click on the thumbs up and provide a Like!
2. If my post solved your problem please click on the Accept as Solution button. Much appreciated!

Approved Apps: OnTrack | ssShots | Hangman
Please use plain text.
New Developer
killerspaz
Posts: 199
Registered: ‎12-29-2010
My Device: Not Specified

Re: HOWTO: Sign your Applications from CMD

check my latest update..

 

To answer your question, I have tried:

* Java toolset: keytool - builds a valid key to sign my AIR app, but not sign w/BB.

* ADT - builds a valid key to sign my AIR app, but not sign w/BB.

* Blackberry SDK's blackberry-keytool (which looks to be a modified version of the java one, but not significantly... I say this because some flags work fine on keytool, but not on the BB one) - builds a valid key to build my AIR app, OR to sign, but NOT BOTH.

 

 

I don't believe getting a new CSJ will solve anything, this is an issue with the tooling provided, and the poor documentation.

 

I can't have 2 keys (1 for playbook, 1 for all other deployments) because that just totally invalidates any cause for a key. Sure it's possible, but it's not only stupid, but completely breaks the concept.

Please use plain text.
Developer
smiley
Posts: 1,417
Registered: ‎07-14-2008
My Device: Z10
My Carrier: Fido

Re: HOWTO: Sign your Applications from CMD

 


killerspaz wrote:

I'm REALLY frustrated, and can't figure this out.. it's been 3 hours of messing with this **bleep**, and I seriously feel like I just lost all chance at getting this into the store.

 

I feel this way cuz I can't resign my app, says it's already signed! Even if I generate a new BAR file it knows on the server it's signed --- so {word filter avoidance}


I hear you.  I spent about 6 hours the first day when keys were available.  I finally requested a new key and did the old dirty cmd way and it works.  Just follow the steps using the cmd on page one of this thread.

 

Please use plain text.
New Developer
killerspaz
Posts: 199
Registered: ‎12-29-2010
My Device: Not Specified

Re: HOWTO: Sign your Applications from CMD

[ Edited ]

So I did that, but as I explained in a more recent post, the only way I can get this working is to have 2 keys, and to break up my ant scripts into 2 different build processes.

 

1 to build to: Air for Desktop, Native for Win/Mac/Linux, and Android

1 to build to: Playbook.

 

I find this completely unacceptable as a) It totally jacks up my build process, which WAS really straightforward, b) I now have TWO "identities.

 

Sure to the naked eye, and the average person this doesn't mean much... But if I want to go to the approach of using backed certs, I am now shelling out cash for TWO CERTS! I don't know if you've ever bought certs before, but they're not cheap. For the price of 2 certs ($550 at thawte), I could probably buy 2 playbooks.

 

I really want to think RIM/Blackberry thought this through a little bit more, and maybe i'm just missing something... But without their vocalization and heavy interaction with the community, I'm afraid I'm getting shafted here.

 

Obviously some of this is frustration - if it all went smoothly you wouldn't be hearing a peep from me. Maybe some of the things I'm saying are coming off harsh, but at this point I've lost a half day to this, and I have a signed BAR I'm afraid of submitting for a fractured "identity."

Please use plain text.