BlackBerry 10 Code Signing Guide for Contractors with Multiple Clients

by BlackBerry Development Advisor on ‎08-29-2013 02:28 PM (5,938 Views)

Contractors creating applications for multiple clients will need to make use of multiple developer certificates and BlackBerry® Code Signing Keys or BlackBerry ID Tokens.  It is important to note that upgrades to an application must be signed with the same BlackBerry Signing Account as the previous version, otherwise the application upgrade would be installed as a separate application

 

This document outlines the recommended procedure for managing this situation, which protects both the contractor and client company who owns the application.  This guide is divided into two sections, BlackBerry ID Tokens and BlackBerry Code Signing Keys.  If you are developing using a BlackBerry 10.2 or higher SDK, it is recommended to use BlackBerry ID Tokens.  If you are developing for the BlackBerry® PlayBook™ or using an SDK lower than version 10.2 you need to use a BlackBerry Code Signing Key.  Note that if both are present on your system, the BlackBerry ID Token will be used for version 10.2+ SDKs and the BlackBerry Code Signing key will be used by older SDKs.

 

This document assumes you are starting from a clean computer that does not have any existing BlackBerry ID Tokens or BlackBerry Code Signing keys installed.  If you do, follow the instructions in the article Backup and Restore BlackBerry Code Signing Keys to back up your existing files and then erase those files from your computer to prepare to configure new ones.

 

Using BlackBerry ID Tokens

 

If you are developing using a BlackBerry 10.2 or higher SDK it is recommended to use BlackBerry ID tokens.  Step one would be to have your client log into their BlackBerry ID account and download a BlackBerry ID Token.  This puts them in control, enabling them to supply future contractors with a token that can be used to sign upgrades of their application.  You shouldn’t be held liable for a lost or missing BlackBerry ID Token.  Once they have their token they can email it to you along with the password they chose when downloading the token.  You’ll need to save the token in the directory listed below:

 

  • Windows Vista®, Windows 7® and Windows 8®:  %HOMEPATH%\AppData\Local\Research In Motion
  • Windows® XP:  %HOMEPATH%\Local Settings\Application Data\Research In Motion
  • Mac OS:  ~/Library/Research In Motion
  • Unix / Linux:  ~/.rim

 

After receiving the BlackBerry ID token you’ll need to create a developer certificate with your client’s name. 

 

Creating a Developer Certificate using a BlackBerry IDE

 

To create a developer certificate using a BlackBerry IDE, click on the Window menu, choose Preferences, expand BlackBerry, select Signing and click on the Create Certificate button.  When creating the developer certificate use the same password as the BlackBerry ID Token.

This should create an author.p12 file in the same location you saved the BlackBerry ID token.

 

Creating a Developer Certificate using the command line

 

To create a developer certificate using the command line, execute the command below.  Use the same password as the BlackBerry ID token.

 

blackberry-keytool -genkeypair -storepass <your_password> -dname "cn=<company_name>"

 

 

Replace <your_password> with the password you wish to use.  It is recommended to use the same password as the BlackBerry ID token.  Replace <company_name> with your client’s company name.

This should create an author.p12 file in the same location you saved the BlackBerry ID token.

 

Using BlackBerry Code Signing Keys

 

If you are developing using a BlackBerry 10.2 or higher SDK it is recommended to use BlackBerry ID tokens.  If you are developing using an older version of BlackBerry SDK you will need to use BlackBerry Code Signing Keys. 

 

Is your client’s First BlackBerry Application?

 

If this is your client’s first BlackBerry application they need to start fresh.  The first step is to either have your client request or request on their behalf a BlackBerry Code Signing key using their company name.  Once received, install the code signing keys.  Refer to the Code Signing help pages for instructions for installing keys for your SDK.

 

After they have been configured, back up the code signing keys and send a copy of them to your client.  They can be backed up using the procedure outlined in this article:  Backup and Restore BlackBerry Code Signing Keys.

 

Your Client has existing BlackBerry Applications

 

If your client has existing BlackBerry 10 or BlackBerry PlayBook applications they would already have a BlackBerry Code Signing key.  Have them send you a backup of their key which you can restore.