How can I provide our customers a J2ME App for Nokia devices with an expired (code signing) certificate? I can't renew it because the CA refuses to deliver a new SHA1 certificate because SHA1 is obsolete. I also can't use SHA2 because the old nokia devices don't support SHA2 (Nokia 206, Nokia 301, Nokia 2700c). What should I do? Our customers can't download our software anymore!
Asked
Active
Viewed 369 times
0
-
1You don't HAVE to sign J2ME MIDlets. Signing is only necessary to prevent all those security messages from popping up, like "App is trying to access camera. Allow this?" – mr_lou Jun 22 '15 at 05:50
-
You are right. But when someone updates the Software from (example) Version 1.9 to 1.10 all the data have been missed. So an update is not possible. – MichaB Jun 22 '15 at 06:29
-
1I suppose that's true yes. But if you create a version 1.10 and bundle it with the old version 1.9 in the same MIDlet Suite - then those two MIDlets should be able to share the same RMS - because they are bundled in the same suite. Maybe worth looking into. – mr_lou Jun 22 '15 at 12:20
-
Good idea.This means I should bundle the new unsigned app with the old signed app. But in this case I would get the alert "invalid certificat" again while downloading it because of the expired certificate of the old app. Is that right? – MichaB Jun 23 '15 at 06:24
-
1I think you're right unfortunately. You'd have to look into some way of accessing RMS from another MIDlet without touching the already installed MIDlet. Maybe this will help: http://stackoverflow.com/questions/5091148/reading-rms-data-of-other-midlet – mr_lou Jun 23 '15 at 11:42