Signing an Application or Cabinet File for Release to the Public
The SDK certificates are for development or test purposes only. Users will never have SDK certificates installed on their devices. Therefore, when an application is ready to be released to users, it must be signed with a certificate that is on the user's device. All OEMs and mobile operators currently include the Mobile2Market unprivileged certificates on the devices they ship. Most OEMs and mobile operators also include the Mobile2Market privileged certificates. Therefore, unless your application needs to run trusted on a device that does not have the Mobile2Market privileged certificate, you should have your application signed with one of the Mobile2Market certificates. For more information about the Mobile2Market Program see this Microsoft Web site.
To run your application on a device that does not have the Mobile2Market privileged certificate, you need to ask the OEM or mobile operator to sign your application.
Note If the device security configuration requires signed binary files and the application binary files are unsigned, the application will not run. For more information about security configuration, see SecurityPolicy Configuration Service Provider and Testing How an Application Will Behave Under Different Security Configurations.
Send Feedback on this topic to the authors