Deciding on the Type of Certificate to Sign an Application

Windows Mobile 6.5

After you install the SDK certificates on your device, you must decide how to sign your application: privileged, normal, or unsigned. You will use the same type of certificate for your day-to-day development that you will use when you release your application. The only difference is that during development you will use an SDK certificate, and when you release, you will use a certificate controlled by Mobile2Market, an OEM, or a mobile operator.

If your application needs to run privileged on a two-tier device, you need to sign your application with a privileged certificate. For day-to-day development, use SamplePrivDeveloper.pfx. The advantage of signing with a privileged certificate is that your application can call any API, and there are essentially no security restrictions on what your application can do. The disadvantage of signing with a privileged certificate is that when you release your application, you have to ensure that your application is signed with a certificate that is in the privileged store of the real device.

For more information about privileged APIs, see Privileged APIs.

Most Windows Mobile devices ship with the Mobile2Market privileged certificate. Your application will work on these devices if you sign it through the Privileged Signing program of Mobile2Market.

However, Windows Mobile Standard devices on some mobile operator networks ship without the Mobile2Market privileged certificates. On these devices, you have to ask the OEM or mobile operator to sign your application, and that organization may be very restrictive about what applications it is willing to sign.

Because of these requirements, if you want your application to run on all devices from all operators, you need to have different versions of your application that are each signed with a different certificate.

You can sign your application with a normal certificate. For day-to-day development, use SampleUnprivDeveloper.pfx. Most applications can run fine without needing to call any privileged APIs. All devices that currently ship have the Mobile2Market normal certificate. If a device does not have the Mobile2Market certificate, the OEM or mobile operator would need to sign your application.

The advantage of an unsigned application is that it is the easiest to produce. You do not need to contact any third-party signing authority. The disadvantage is that the application runs only on a two-tier-prompt, one-tier-prompt, or security-off device.
