Certificate Management and Application Signing for ISVs
Windows Mobile-based Pocket PCs and Smartphones are available in several security configurations. The typical configurations are locked, third-party signed, prompt, and security-off. For more information, see Selecting Security Configuration. Depending on the device security configuration, independent software (ISVs) and hardware vendors (IHVs) may need to have applications and cabinet files signed with a certificate that is installed on the device.
Unsigned applications can still run on Windows Mobile-based devices. Prompt and security-off configurations allow unsigned applications to run.
ISVs and IHVs can work with Mobile2Market partners that provide certificate authority and digital signature services for signing applications for Windows Mobile-based Pocket PCs and Smartphones. For more information about the Mobile2Market Program see this Microsoft Web site.
Alternatively, ISVs and IHVs working with mobile operators during device development can have the operator sign the applications deployed with the device.
While developing and testing applications, you can create and use a test certificate. Or you can use test certificates available in Windows Mobile 5.0 SDK. The following topics provide additional information for developers using Visual Studio 2005 and Windows Mobile SDK:
- Preparing a Device for Development
- Deciding on the Type of Certificate to Sign an Application
- Signing an Application During Day-to-Day Development
- Signing a Cabinet File During Day-to-Day Development
- Signing an Application or Cabinet File for Release to the Public
- Testing How an Application Will Behave Under Different Security Configurations
Send Feedback on this topic to the authors