Run MakeKeys
at the command prompt using the -cert
option.
The following is the syntax:
> makekeys -cert [-v] [-expdays <cert-expiry-in-days>] [-password <password>] [-len <key-length>] -dname <distinguished-name-string> <private-key-file> <public-key-cert>
Important: Specify a name for the output private key file with .key extension and output self-signed certificate file with .cer extension.
For example,
> makekeys -cert -expdays 3650 -password yourpassword -len 2048 -dname "CN=Symbian Developer O=Nokia C=GB" HelloWorld.key HelloWorld.cer
Here,
HelloWorld.key
is the name of the output private
key file that must be kept secret
HelloWorld.cer
is the name of the output self-signed
public key certificate that can be used to verify the digital signature.
See MakeKeys Reference for more information on the options and arguments that can be provided with the MakeKeys tool.
The self-signed certificate can be included in installation files and used to verify the digital signature with a matching private key. However, secure installation requires that the certificate containing the public key be digitally signed by a trusted third party. Therefore, a certificate request must be sent to the Certification Authority (CA) for signing. See Generating a Certificate Request for details about creating a certificate request.