Hi, Any work around for windows mobile 6 dynamic loading warningmessage ?

[Manas]

Is there any way to avoid the below message while dynamicaly loading
the a dll into windows mobile 6, without signing the dll ?

"Starting this program requires a component from an unknown
publisher.
You should start the program only if you trust the component's
publisher. Do you want to continue?"

-Manas

 

[Simon Hart [MVP]]

Yes by signing your code using a digital signature provided from Verisign or
Thawte. You can sign your code using signtool.exe(.NET 2.0 and later) or
signcode.exe (pre .NET 2.0). You can also create your own digital signature
using makecert.exe.

 

[Christopher Fairbairn]

Hi,

Is there any way to avoid the below message while dynamicaly loading
the a dll into windows mobile 6, without signing the dll ?

"Starting this program requires a component from an unknown
publisher.
You should start the program only if you trust the component's
publisher. Do you want to continue?"

In general you can not avoid this prompt without signing your DLL, unless
your deployment scenario and device selection enables you to change to a
less restrictive device security model.

Depending upon the device (and vendor) in question you may not be able to
easily change the security model utilised by your device and it may not be
something end users would be happy to do to their device at any rate.

If you want to get rid of this prompt on a device that employs the "one or
two tier with prompt" security model without needing modifications to the
PDAs, your only option is to purchase a code signing certificate from the
likes of Verisign.

The Window Mobile 6 SDK contains sample certificates you may be able to use
during development.

Hope this helps,
Christopher Fairbairn

 

[WinMobileNewMan]

Hi Simon ,

Many thanks for the answer!

I tried to use signcode.exe , I am not able to see any certficates under
'select from store' option in Digital signature wizard to choose .

How to get the reuired certificate under 'select from store option'.

Which is the right certficate to choose and where can i locate them...i need
to sign a test dll and i dont want the message to pop-up as i described in my
first mail.

What is the select from file otion? can i choose the certificate file as well?

I have asked too many questions...wish i dint bug u up

 

[Simon Hart [MVP]]

You need to add your cert to the certificate store on your dev machine for
nice integration with Visual Studio.

Execute on the command-line: start c:\windows\system32\certmgr.msc then
import your cert using the wizard.

--
Simon Hart
Visual Developer - Device Application Development MVP
http://simonrhart.blogspot.com

 

[Simon Hart [MVP]]

You need to add your cert to the certificate store on your dev machine for
nice integration with Visual Studio.

Execute on the command-line: start c:\windows\system32\certmgr.msc then
import your cert using the wizard.

--
Simon Hart
Visual Developer - Device Application Development MVP
http://simonrhart.blogspot.com

 

[WinMobileNewMan]

Hi Simon ,

Thanks again!

Simon, afterfollowing the command suggested below i could only imported the
certificates to certain store(i dont know where it went physically in
system:-( )...

still i dont see the certificate after clicking on 'select from store' using
signcode wizard '

and how to get the corresponding private key(is the key a file or number ?)
and where can i locate the key?

could you please tell me the detailed step to do it? it would really help!

 

[WinMobileNewMan]

Hi ,

Thanks for your reply!

Based on your instruction i created a self signing certificate and used that
to sign the dll. Then included the dll during runtime. The message still
appears (for the first time only after each recompilation) .

is the any other places where i got to include the dll or any other clue?

-Manas

 

[Simon Hart [MVP]]

Have you installed the cert onto the device? you can easily do this by
creating an xml file in the format expected by the certificateStore
configuration service provider and wrap this up into a cab file - ensure the
xml file is named _setup.xml (ensure you include the underscrore as the
install won't work otherwise).

 

[Christopher Fairbairn]

Hi,

Based on your instruction i created a self signing certificate and used
that
to sign the dll. Then included the dll during runtime. The message still
appears (for the first time only after each recompilation) .

As a first step have you tried using the sample certificates included within
the Windows Mobile SDKs? Using these will help eliminate the process you
have used to create your certificate as the potential source of your
problem.

Since Windows Mobile devices will not ship with the required client side
certificates to trust your self signed certificates (or the Microsoft sample
ones) you need to install a certificate into the certificate store of your
Windows Mobile device in order for the PDA to accept executables signed with
the matching certificate.

For example with the Windows Mobile 5.0 Pocket PC SDK you probably have a
cab file called sdkcerts.cab located within the C:\Program Files\Windows CE
Tools\wce500\Windows Mobile 5.0 Pocket PC SDK\Tools folder. Installing this
CAB file onto a PDA will install the required device side certificates in
order for the OS to accept executables signed with the various certifcates
located within the same folder.

See for example the step by step guide available in the "Windows Mobile 5.0
Application Security" article on MSDN underneath the "Signing an Application
During Day-to-Day Development" section -
http://msdn2.microsoft.com/en-us/library/ms839681.aspx

One common mistake made when initially signing executables is forgetting to
sign one of the application components. You need to sign your main
executable, any *.dll files it loads and the *.cab file itself (if you are
deploying your applications in that manor).

Hope this helps,
Christopher Fairbairn

 

[WinMobileNewMan]

Hi ,

Thanks!

How to to obtain the password for the .pfx (if i use the sample certificate
available with sdk) . I am using WM6.0 anyway .