Tizen Developers

Hello.

This can be helpful to someone who want to maintain his certificates.

But above whole steps overlaps some processes.

There are two ways to back up certificates.

  1) Using keystore folder, author.crt and device-profile.xml

  2) Using author.p12 and distributor.p12

But you mentioned both ways in a process,

so step #9 and #10 will create new author.p12 and distributor.p12 and will overwrite old things you have backed up.

It can be devided these two ways. And both will be OK.

For 1), Step #1(not containg p12 files), #2, #3, #7, #8, #9, #10 needed.

For 2), Step #1, #3, #4, #5, #6 needed.

Bye.

Thank you, but please note that your second method wasn't suitable for me to fix the signing issue.  I had to perform all the steps listed above to let me generate a signed TPK package.

Maybe the problem was at my first attempt is that the SDK IDE didn't recognize that I've copied back the author.crt and device-profile.xml files into the keystore folder.  Maybe there could have been a way to let it recognize the files there, but I could do that only with performing step #8, #9 and #10.

When using author.crt and device-profile.xml, #8, #9 and #10 must be required.

And author.pri in the keystore is also required.

I think I'm getting lost in all those cert files :)  Let's say I have an existing Tizen SDK 2.3.0 installation, and I store all my files in c:\tizen-sdk-data\keystore.  So I've got the following files in that folder:

author.crt
author.csr
author.p12
author.pri
author.pub
device-profile.xml
distributor.p12

I can use the existing IDE to compile and sign TPK packages, and also to run the apps on a real Z1 device.  Now, I want or need to re-install everything from scratch.  I would of course backup the whole keystore folder.  Once I installed the new SDK IDE and Tizen Extension SDK for Certificate 2.3, what should my next steps be?  Should I copy back the backed up files to the c:\tizen-sdk-data\keystore folder of the new SDK installation?  If yes, then after then do I have to do anything on the SDK IDE to make sure the SDK knows about the files stored in the keystore folder?

Or would I be better off by backing up the SDK IDE configuration settings?  How to do that?  Which files do I need to back up to make sure the keystore moving process to the new installation works as smoothly as possible?

Thank you for your patience about my issues ;)

This is the guide based on the help contents of Tizen Extension SDK for Certificate.

So, if you have backed up author.p12 and distributor.p12, then should have no problem to package after new installation.

And, I can also say that if you have backed up author.pri, author.crt and device-profile.xml then you can generate two p12 files using Tizen Extension SDK for Certificate. It's step #7, #8, #9 and #10 you already mentioned. (author.pri should be placed at keystore folder)

Bye.

"So, if you have backed up author.p12 and distributor.p12, then should have no problem to package after new installation"

It depends on how you define "no problem" :)  I've reinstalled SDK 2.3.0 Rev1 from scratch again, restored the above listed files into c:\tizen-sdk-data\keystore, but when attempting to build a TPK, signing failed.  It complains about the lack of security profile.  If I select the existing c:\tizen-sdk-data\keystore\author.p12 and c:\tizen-sdk-data\keystore\distributor.p12 files in Preferences / Tizen SDK / Security Profiles, enter the relevant passwords, and then try to build the TPK again, it says signing failed -- but this time it won't provide any hints on what my installation is missing or what configuration should I do next to fix things up.  Based on what you wrote above I assumed a new installation would automatically pick up the restored files from the keystore folder, but apparently not.  I still have to push the Register Certificate button on the toolbar to select author.crt and device-profile.xml files, which as you stated above, will generate a new author.p12 and distributor.p12 files, and automatically fills the Security Profiles in the Preferences. So I might as well have skipped filling the Security Profiles settings, since my previous files and settings got overwritten.  Maybe it's just me, but I find it quite non-user-friendly that the SDK wants me to fill the Security Profiles, I do that, then it says nothing but "signing failed", no more guidelines on how to fix it further. Then if I happen to be smart enough to find the Register Certificate button, I can fix things up, but then it overrides my previous Security Profiles settings -- so why did I have to deal with configuring the Security Profiles in the first place? :)  IMHO the Tizen SDK should have to be way more helpful and much more user-friendly than it is now... It would also be great if Tizen Extension SDK for Certificate 2.3 would be automatically installed with the SDK.

Firstly I totally agree with your opinion about the current inconvenience and feel sorry about that.

Samsung will improve UX at next release of Exntension SDK for Certificate. I hope it will be more friendly with developers.

Turn back to the problem, I also did try like you.

I backed up two p12 files and have installed Tizen SDK 2.3.0 Rev1 newly.

Then create new Security profile and select each p12 file and password, and could create tpk package.

I want to see the Error Log of IDE when you failed to sign.

 1) Go to Windows -> Show View -> Other -> Error Log

 2) Try to package again and see the Error Log says. It will show about this fail.

Please share your result.

Thanks.

You were right, it was a different issue. It seems now, after reinstallation the SDK doesn't accept my distributor.p12 file password.  I don't know how it's possible, since I clearly remember entering the same password as for author.p12, and the password should also be fine.  The only problem I can think of is that I mistyped the password, which could easily happen with long passwords.  IMHO it would be best if you could ask the user to enter the password twice in both the Security Profiles configuration window, and also in the Register Certificate window.

BTW, if I forget or mistype my author.p12 or distributor.p12 password, could there be an issue about publishing or updating my TPK in the Tizen Store?  Or I only have to be extremely careful about keeping the original author.crt file, because I can generate the .p12 files using that file in the Register Certificate window?

What happens in a situation when I happen to lose everything about my existing Tizen keystore, incl. the author.crt file and both .p12 files, and I want to update an already published app of mine in the Tizen Store?  Can I simply go ahead and request a new author.crt file and use it to create the new .p12 files, and the signing and validation of the TPK will work just fine?  In other words, what information is tied to the app publisher?  The email address that requested the original author.crt file?  Or the email address used to published the app in the Tizen Store?

I'm sorry for asking too many questions, but I'd prefer to have a full understanding on how to recover my development environment in a potential system breakdown when let's say I'd lose almost everything about my current Tizen development environment.

One more thing: to make things more user-friendly and ease the process of finding signing issues, IMHO it would be great if you could validate the entered author.p12 and distributor.p12 passwords right after the user specified them in the Security Profiles configuration window.  And if that's not feasable, then after signing explain the user where the problem was.  Finding the Error Log window is quite difficult, I for myself would have never found that by myself, without assistance.

I agree with your suggestion. In the next relase of Tizen Extension SDK for Certificate, before the last step of registraion finished, it will check the password and say fail. Thank you for your good opinion.

Sorry for late answer.

If you forget password, unfortunately it is surely an issue.
After registration success, you can package tpk and upload to Store. As long as you use this SDK, it's OK.
But in the future if you want to import these p12 files to another new SDK, at that time you can't import because of forgotten password.
Even if you well backed up author.crt, you can't generate .p12 file without password.
When I checked with Security Guy, if an user lost his password there is no way to recover it and can't update his previous app in the store.

Just using author.p12 and distributor.p12 it should be able to create package.

When you tried before, which messages did you get?

I always got the same Signing... failed! message, until I've done step #8, #9 and #10.  But maybe I should have done things in a different order, like install Tizen Extension SDK for Certificate 2.3 before selecting my .p12 files.