Signing Adobe Air Applications
Once you have obtained your Code-Signing certificate, you will need to convert it to a format suitable for the Adobe AIR SDK to sign applications with (PKCS12 or PFX format).
If your certificate was obtained using Mozilla Firefox:
- Go to the ‘Tools’ menu, and choose ‘Options’.
- Click the ‘Advanced’ icon, select the ‘Encryption’ tab, and then click the ‘View Certificates’ button.
- Listed under ‘Your Certificates’, you should see your Code-Signing certificate. Select it, and click the ‘Backup’ button.
- Choose a name and location for the file. Then enter the master password.
- Choose and enter a password for the exported file.
You will need this password later when signing the AIR Application. - The certificate and private key will be exported to a PKCS#12 file, with a .p12 extension.
If your certificate was obtained using Internet Explorer:
- Go to the ‘Tools’ menu of IE, select ‘Internet Options’, then select the ‘Content’ tab.
- Click the ‘Certificates’ button. From the ‘Personal’ tab, select your Code-Signing certificate, and click the ‘Export’ button.
- The Certificate Export Wizard will start. Click ‘Next’.
- Select ‘Yes, export the private key’, click ‘Next’.
If this option is greyed out, you cannot use this certificate for signing Adobe AIR Applications. You will need a new certificate. - Leave the default checkboxes on the next screen. Click ‘Next’.
- Choose and confirm a password. Click ‘Next’.
You will need this password later when signing the AIR Application. - Choose a filename and location. Click ‘Next’.
- Click ‘Finish’ and the export should be successful. You now have your certificate and key exported to a PKCS#12 .pfx file.
Signing the Adobe AIR Application
These instructions use the Adobe AIR SDK to sign the AIR application.
- Firstly, check that the /bin/ directory of the Adobe AIR SDK is in your PATH environment variable.
- Copy the exported certificate (.p12 or .pfx file) to a location outside of the ‘source’ directory of your application. [Example here]
- Open a DOS prompt, and navigate to the source directory of your application (where the ‘application.xml’ file is stored).
- Run the following command, substituting filenames and paths where required:
adt -package -storetype pkcs12 -keystore [location of certificate file] [location of .air file] application.xml .
Example command: here.
You will be prompted for a password – enter the password set when you exported the certificate as above.
Your application will now be signed.
Note: The signing can also be done with Flash CS3 Professional, Flex Builder 3, Flex 3 SDK or Dreamweaver CS3. Instructions for these can be found: