DEVELOPERS BLOG

BlackBerry 10 Code Signing Guide for Contractors with Multiple Clients

BlackBerry Code Signing Keys

Contractors creating applications for multiple clients will need to make use of multiple developer certificates and BlackBerry Code Signing Keys or BlackBerry ID Tokens. It is important to note that upgrades to an application must be signed with the same BlackBerry Signing Account as the previous version, otherwise the application upgrade would be installed as a separate application.

This blog post outlines the recommended procedure for managing this situation, which protects both the contractor and client company who owns the application. We’ll cover BlackBerry ID Tokens and BlackBerry Code Signing Keys. If you are developing using a BlackBerry 10.2 or higher SDK, it is recommended to use BlackBerry ID Tokens. If you are developing for the BlackBerry PlayBook or using an SDK lower than version 10.2, you need to use a BlackBerry Code Signing Key. Note that if both are present on your system, the BlackBerry ID Token will be used for version 10.2+ SDKs and the BlackBerry Code Signing key will be used by older SDKs.

For this tutorial, we’re going to assume you are starting from a clean computer that does not have any existing BlackBerry ID Tokens or BlackBerry Code Signing keys installed. If you have keys installed already, follow the instructions in the article Backup and Restore BlackBerry Code Signing Keys to back up your existing files and then erase those files from your computer to prepare to configure new ones.

Using BlackBerry ID Tokens

If you are developing using a BlackBerry 10.2 or higher SDK, it is recommended to use BlackBerry ID tokens. Step one would be to have your client log into their BlackBerry ID account and download a BlackBerry ID Token. This puts them in control, enabling them to supply future contractors with a token that can be used to sign upgrades of their application. You shouldn’t be held liable for a lost or missing BlackBerry ID Token. Once they have their token they can email it to you along with the password they chose when downloading the token.  You’ll need to save the token in the directory listed below:

  • Windows Vista®, Windows 7® and Windows 8®:  %HOMEPATH%AppDataLocalResearch In Motion
  • Windows® XP:  %HOMEPATH%Local SettingsApplication DataResearch In Motion
  • Mac OS:  ~/Library/Research In Motion
  • Unix / Linux:  ~/.rim

After receiving the BlackBerry ID token, you’ll need to create a developer certificate with your client’s name.

Creating a Developer Certificate using a BlackBerry IDE

To create a developer certificate using a BlackBerry IDE, click on the Window menu, choose Preferences, expand BlackBerry, select Signing and click on the Create Certificate button. When creating the developer certificate use the same password as the BlackBerry ID Token. This should create an author.p12 file in the same location you saved the BlackBerry ID token.

Creating a Developer Certificate Using the Command Line

To create a developer certificate using the command line, execute the command below. Use the same password as the BlackBerry ID token.

blackberry-keytool -genkeypair -storepass <your_password> -dname "cn=<company_name>"

Replace <your_password> with the password you wish to use. It is recommended to use the same password as the BlackBerry ID token. Replace <company_name> with your client’s company name. This should create an author.p12 file in the same location you saved the BlackBerry ID token.

Using BlackBerry Code Signing Keys

If you are developing using a BlackBerry 10.2 or higher SDK, it is recommended to use BlackBerry ID tokens. If you are developing using an older version of BlackBerry SDK, you will need to use BlackBerry Code Signing Keys.

Is this Your Client’s First BlackBerry Application?

If this is your client’s first BlackBerry application, they need to start fresh. The first step is to either have your client request or request on their behalf a BlackBerry Code Signing key using their company name.  Once received, install the code signing keys. Refer to the Code Signing help pages for instructions for installing keys for your SDK.

After they have been configured, back up the code signing keys and send a copy of them to your client. They can be backed up using the procedure outlined in this article: Backup and Restore BlackBerry Code Signing Keys.

Your Client has Existing BlackBerry Applications

If your client has existing BlackBerry 10 or BlackBerry PlayBook applications they would already have a BlackBerry Code Signing key. Have them send you a backup of their key which you can restore.

Mark Sohm

About Mark Sohm

Senior Technical Solutions Manager on the Solution Architects team.

Mark Sohm joined BlackBerry in 2003 and currently works as a Senior Technical Solutions Manager on the Solutions Architects team. Mark Sohm has been helping developers create applications using BlackBerry technologies for over 15 years, starting way back with the very first BlackBerry JDK on BlackBerry OS 3.6 through to BlackBerry 10 and now Android with BlackBerry Dynamics and Android Enterprise.