2 Replies Latest reply on May 31, 2017 6:33 AM by mo_ah

    air Code signing with Usb token

    mo_ah Level 1



      It seems since february 2017, Certificate Authorities deliver certificates as usb token.


      I got a GlobalSign code signing certificate, which is stored on such device, using safeNet.

      The problem is that the only thing i can get from it is a .cer

      The private key is unaccessible and the usb token is not visible under windows explorer.


      Since FlashBuilder seems to require a .pfx or .p12 for build, i don't know what to do.

      I try looking into adt, but it seems it require the same files.


      Any help is welcome.




      p.s. I'm working with FlashBuilder 4.6, mainly developping flex/air desktop and mobile apps

        • 1. Re: air Code signing with Usb token
          spadged Level 1


          It can be done via command line / terminal. In the case of windows (I don't have this setup on a mac):


          • Install / Import the cert via Internet options in the control panel: Content > Certificates > Import (You may get lucky and already have the certificate installed)
          • Make a note of the "Issued to:" field this will be your alias
          • Make sure you have the key inserted and drivers installed
          • In Flash Builder: Export Build Release selecting the "Intermediate AIRI package that must be manually signed later" option
          • Open up the command prompt
          • Enter the following replacing YOURALIAS, YOURPASSWORD and file paths with the appropriate items:
            adt -sign -tsa http://timestamp.digicert.com/ -storetype Windows-MY -alias "YOURALIAS" -storepass YOURPASSWORD  -keypass YOURPASSWORD "path/to/file.airi" "path/to/file.air"
            I have no idea which one is needed out of -storepass & -keypass (if any)
          • This should then open a window titled "Token Logon"
          • Enter your "Token Password" and click "OK"
          • adt should then get busy signing your app



          • You'll need to make sure that you have adt and java in your environment variables
          • This may not make any difference, but I'm also using the 32bit version of the JDK
          • The store type Windows-MY has only been supported since JDK v1.6 so make sure thats updated
          • My installed flex SDK is: apache flex 4.16.0 sdk with air v23


          Hope this helps you out!

          1 person found this helpful
          • 2. Re: air Code signing with Usb token
            mo_ah Level 1

            Thanks. this works.