Changes to code signing

Signing apps has changed from BlackBerry WebWorks 1.0. The signing process has been streamlined; simply building the app in release mode results in a signed application. More significantly, as of BlackBerry WebWorks 2.0, the WebWorks SDK uses the BlackBerry ID token for signing, which associates your keystore with your BlackBerry ID.

As of BlackBerry WebWorks 2.0, to sign WebWorks apps, you need to create a BlackBerry ID token (bbidtoken.csk) and use it to create a developer certificate. The resulting certificate is used to sign your release-ready code, and also to create debug tokens that allow you to test your app on a BlackBerry device.

For more information about getting and using the BlackBerry ID token, see Set up your computer for testing and signing.

If you are updating an earlier version of your app that was signed using a signing authority token, you can link that token to your BlackBerry ID token (bbidtoken.csk). By linking these accounts, your updated BlackBerry WebWorks app keeps continuity with the previous versions of your app and appears to end users as an update, rather than a new app altogether.

Linking your BlackBerry ID token to a signing authority account

You can link your BlackBerry ID token to an existing signing authority account. Linking the two accounts allows you to produce .bar files with the same Package-Author-Id, Package-Id, and Application-Id, so that you can create upgraded versions of your existing app.

  • Link accounts using the SDK web tool

    1. On the Start menu, click BlackBerry >BlackBerry WebWorks <version>. A new browser window opens, displaying the BlackBerry 10 WebWorks SDK web tool.
    2. In the navigation panel, click Certificate.
    3. In the Location field, enter the full path to your barsigner.csk file.
    4. Click Add Signing Key. The Link Signing Keys fields appear.
    5. In the BBID Signing Token Location field, enter the full path to your bbidtoken.csk file.
    6. In the Barsigner Password field, enter the password associated with your barsigner.csk.
    7. In the BBID Signing Token Password field, enter your BlackBerry ID token password.
    8. Click Link Signing Keys. The developer certificate (the author.12 file) is created in the same location as your signing key.
  • Link accounts using the command line

    When using the command-line tools, you have a few options:
    • Link your barsigner.csk to the bbidtoken.csk, where both passwords are same:
      blackberry-signer -linkcsk –cskpass <Legacy CSK password or BBID Token CSK password>
    • Link your barsigner.csk to the bbidtoken.csk, where bbidtoken.csk is in a custom location and both passwords are the same:
      blackberry-signer -linkcsk –bbidtoken <BBID Token CSK filename>    
          –cskpass <Legacy CSK password or BBID Token CSK password>
    • Link your barsigner.csk to the bbidtoken.csk, where both are in the default directory:
      blackberry-signer -linkcsk –oldcskpass <Legacy CSK password> 
      –bbidcskpass <BBID Token CSK password>

Last modified: 2014-05-14



Got questions about leaving a comment? Get answers from our Disqus FAQ.

comments powered by Disqus