3 Replies Latest reply on Nov 27, 2009 2:28 AM by robmcmi

    Thawte certificate flaw!

    robmcmi

      Like many developers out there I have signed my AIR applications with a Thawte certificate as recommended by Adobe.

       

      However my Certificate just expired, and when I tried to get a new one, they had to issue me a new one, as their certificates have changed from using UK for people in the United Kingdom, to use GB for Great Britain.

       

      This means my certificate has changed meaning my application now has a different publisher ID.

       

      This is a nightmare as my install badges wont work, users can't update using auto update as the get an error, all data stored in the local store by the old app is now inaccessible to the new app and worse of all my old certificate has expired, so I can't even attempt to migrate.

       

      If there is anyone from Adobe out there that can give me some advice on how to resolve this without forcing all our users to manually uninstall the old app, then download the new app, whilst in the process migrating their data by hand etc PLEASE get  in contact.

       

      This is a huge problem caused by Thawte, and I can imagine it is affecting anyone in the UK that has signed an AIR app.

       

      Thanks

       

      Rob

        • 1. Re: Thawte certificate flaw!
          robmcmi Level 1

          My biggest concern at the moment  is how to migrate the data stored in the LSO and also the local storage.

           

          At the moment local storage is tied to the publisher ID. So how do I get it into the new app, even if I can create a migrate version? Should I move it to the users documents folder perhaps?

           

          If anyone has advice on migration that would also be really handy.

           

          Thanks

           

          Rob

          • 2. Re: Thawte certificate flaw!
            romil mittal

            Please go through the following post regarding publisher ID changes which will be coming soon in AIR:

                         http://blogs.adobe.com/simplicity/

             

            As mentioned there, you would be able to associate a non-computed pubID with your application. So you would specify the publisher ID which got generated with your original certificate and hardcode it in your application. This will ensure that your ELS data is always accessible irrespective of the certificate you are using.

             

            However to make sure that updates happen properly, you would need to migrate your application from the old to newer certificate.

             

            Thanks,
            -romil

            AIR Team

            1 person found this helpful
            • 3. Re: Thawte certificate flaw!
              robmcmi Level 1

              Thanks for that information.

               

              Thawte are willing to provide me with the same certificate for another year (using UK over GB), by which time hopefully this feature will be out in the wild and most users will be upgraded.

               

              Is there any more information on how this will work, as I use a installer badge and browser invokes are a key part of the application. I need to be sure that this will not be affected.

               

              Also that I will be able to hard code the publisher ID to the current one, the one of my existing certificate. Otherwise I will still have the problem of not being able to access the local store (as the location changes with certificate).

               

              My key worry is that if I am going to have to loose users data, I do it now rather than in a years time when we will hopefully have even more uses, and it will be more disruptive to more people.

               

              Thanks

               

              Rob