Execution control, 2 execution control – Siemens TC65 User Manual
Page 73
TC65 JAVA User's Guide
Strictly confidential / Released
s
TC65 JAVA User's Guide_V05
Page 73 of 90
26.09.2005
-keyfile ./democa/private/cakey.der
-certfile ./democa/cacert.der
6. Export private key from server certificate
-
The private key is needed for the (HTTPS or Secure Connection)server
configuration.
- execute
command
>java -jar getprivatekey.jar -alias server
-keystore customer.ks -storepass keystorepass
-keypass keypass -keyfile server_privkey.der
Result:
-
You have a keystore for the configuration of the Java Security of the module
-
You have a signed server certificate (files ““server.pem” or “server.der”)
-
You have a private key file for your server configuration
11.2 Execution
Control
The Java environment of the TC65 module has two modes.
unsecured mode:
• The device starts all java applications (MIDlets).
secured mode
• The customer can activate the secured mode of the device. For this the customer sends a
root certificate (x.509 certificate) to the device (over an AT-Interface). The device changes
from “unsecured mode” to the “secured mode”. From this time the module will only start
java applications with a valid signature. In addition, the device will only accept special
commands from the customer if they are marked with a signature. The device examines
each command with the public key of the customer root certificate
The secured mode is activated by a special AT-command.
Siemens supplies modules with unsecured mode as the default configuration.