How to manage certificates and package applications in different Ubuntu setups

In Linux, Tizen Studio (Tizen Certificate Manager) stores the passwords of the certificates in the gnome-keyring application. Therefore, you must enable the gnome-keyring application to ensure that Tizen Studio functions smoothly and as expected.

Manage certificates through remote login

The remote login in a Linux desktop system does not have the DBUS_SESSION_BUS_ADDRESS variable set in the session. To store and lookup passwords in the host's Login keyring, we must set the DBUS_SESSION_BUS_ADDRESS.

  1. Extract the address of the dbus-session-bus from the arguments of dbus-daemon:

    ps -ef | grep "dbus-daemon --fork --session --address"

        

  2. Set DBUS_SESSION_BUS_ADDRESS:
    export DBUS_SESSION_BUS_ADDRESS=<address>

          

Certificate Manager can now store and lookup passwords from the host's Login keyring and packaging the project will be successful.

Manage certificates in headless Linux systems

 

  1. Install the package gnome-keyring :

    apt-get install -y gnome-keyring   
  2. Start a dbus session to enable keyring:
    dbus-run-session -- bash
  3. Unlock the Login keyring or create it if it does not exist:
    echo <PASSWORD> | gnome-keyring-daemon --unlock

    NOTE: <PASSWORD> is used to unlock the Login keyring or create it if it does not exist. 

The Certificate Manager will store the passwords in this keyring and the keyring daemon will fork into the background. Tizen packaging will work in the same terminal.

Manage certificates in a Docker container

  1. Install the package gnome-keyring in the docker-container, either by making changes in the Docker file or by running it in the Docker container

    apt-get install gnome-keyring
  2. Add the ipc_lock capability to run the gnome-keyring-daemon:
    docker run -it --cap-add ipc_lock <container_name>
  3. Start a dbus session to enable keyring
    dbus-run-session -- bash
  4. Unlock the Login keyring or create it if it does not exist:
    echo <PASSWORD> | gnome-keyring-daemon --unlock

NOTE: Ensure that you remember the first password used to create the gnome-keyring-daemon.
In Docker containers the following actions may lead to failure:

  1. Starting the keyring-daemons with different passwords
  2. Packaging projects or creating certificate profiles without creating or unlocking the gnome-keyring-daemon

This is because the container tries to prompt the user for the keyring password using org.keyring.SystemPrompter and most containers cannot open display.