Generating self-signed certificate using ADT to sign AIR applications

To package an Adobe AIR application using ADT (AIR Developer Tool), a certificate is needed. Digitally signing your application with a certificate from a recognized certificate authority identifies you as the publisher. It also provides assurance to users that your application has not been accidentally or maliciously altered. For these purposes, you can get a certificate from known certificate providers such as VeriSign or Thawte. But if you’re just developing an application for personal or friends’ use, you can use a self-signed certificate, which can be generated using ADT. You can then use this certificate to sign your personal AIR applications :-).

To generate the certificate, run the following command:

adt -certificate -cn name [-ou org_unit][-o org_name][-c country] key_type pfx_file password

where -cn name is the common name that will be used for the generated certificate, -ou org_unit refers to the organizational unit issuing the certificate, -o org_name is the name of the organization issuing the certificate, -c country is a two-letter ISO-3166 country code, key_type can either be "1024-RSA" or "2048-RSA" pfx_file is the name of the file where the certificate will be stored, and password is the certificate’s password. The parameters inside square brackets are optional.

As an example, the actual command may look like this:

   1: adt -certificate -cn "My Certificate" -ou -o "ABK Co" -c US 2048-RSA myCert.p12 sd#$wd23

   2: adt -certificate -cn "AIR App" 1024-RSA MyCert.p12 sd#$wd23

The first line illustrates how to generate a certificate specifying all the possible parameters. On the other hand, the second line only uses the required parameters in generating the certificate. Both will generate a new certificate and will store it in a file called myCert.p12 with password sd#$wd23.

To use the generated certificate to sign an AIR application, use adt using the -package option instead of the -certificate option. Use -storetype pkcs12, -keystore myCert.p12, and -keypass sd#$wd23 to specify the certificate that will be used to sign the application. The command is something like

adt -package -storetype pkcs12 -keystore myCert.p12 -keypass sd#$wd23 <airfile> <app-desc> other-files ..

where <airfile> is the name of your package, <app-desc> specifies the XML application descriptor file, and other-files are the files and directories that you want to package with your air application.

3 Responses to Generating self-signed certificate using ADT to sign AIR applications

  1. Dom Sparks says:

    Thankyou. you saved my life! The adobe docs for this are appalling, but the above got me the results I needed in a few seconds!

  2. Arunkumar says:

    I tried to package an air application , it is creating the certificate and not producing the air file and i got an error stating that
    Could not generate timestamp: connection refused: connect. Can u give me a alternate solution.

  3. Wisman says:

    Very good written information. It will be useful to anybody who employs it, as well as me. Keep doing what you are doing cant wait to read more of your posts.

Leave a Reply