To purchase an AIR Developer Certificate, the Thawte web site requires you to use the Mozilla Firefox browser. The private key for the certificate is stored within the browser’s keystore. Ensure that the Firefox keystore is secured with a master password and that the computer itself is physically secure. (You can export and remove the certificate and private key from the browser keystore once the procurement process is complete.)
As part of the certificate enrollment process a private/public key pair is generated. The private key is automatically stored within the Firefox keystore. You must use the same computer and browser to both request and retrieve the certificate from Thawte’s web site.
1. Visit the Thawte web site and navigate to the Product page for Code Signing Certificates.
2. From the list of Code Signing Certificates, select the Adobe AIR Developer Certificate.
3. Complete the three step enrollment process. You need to provide organizational and contact information. Thawte then performs its identity verification process and may request additional information. After verification is complete, Thawte will send you e-mail with instructions on how to retrieve the certificate.
Note: Additional information about the type of documentation required can be found here: https://www.thawte.com/ssl-digital-certificates/free-guides-whitepapers/pdf/enroll_codesign_eng.pdf.
4. Retrieve the issued certificate from the Thawte site. The certificate is automatically saved to the Firefox keystore.
5. Export a keystore file containing the private key and certificate from the Firefox keystore using the following steps:
Note: When exporting the private key/cert from Firefox, it is exported in a .p12 (pfx) format which ADT, Flex, Flash, and Dreamweaver can use.
6. Open the Firefox Certificate Manager dialog:
7. On Windows: open Tools -> Options -> Advanced -> Encryption -> View Certificates
8. On Mac OS: open Firefox -> Preferences -> Advanced -> Encryption -> View Certificates
9. On Linux: open Edit -> Preferences -> Advanced -> Encryption -> View Certificates
10. Select the Adobe AIR Code Signing Certificate from the list of certificates and click the Backup button.
11. Enter a file name and the location to which to export the keystore file and click Save.
12. If you are using the Firefox master password, you are prompted to enter your password for the software security device in order to export the file. (This password is used only by Firefox.)
13. On the Choose a Certificate Backup Password dialog box, create a password for the keystore file.
Important: This password protects the keystore file and is required when the file is used for signing AIR applications. A secure password should be chosen.
14. Click OK. You should receive a successful backup password message. The keystore file containing the private key and certificate is saved with a .p12 file extension (in PKCS12 format)
15. Once exported, send me the resulting .p12 file along with password used and I will rebuild the Windows, OSX and Android apps with this certificate. Please note the app will need to be resubmitted under a new bundleId for Google Play as it will detect that we are trying to upload an update with a different certificate.
Important: The private key and certificate are still stored within the Firefox keystore. While this permits you to export an additional copy of the certificate file, it also provides another point of access that must be protected to maintain the security of your certificate and private key.