Who am I?
A software engineer living in Vancouver, Canada - http://www.antonypranata.com/
Calendar
Recently...
- A New Symbian OS Book - Quick Recipes on Symbian OS
- Screenshot v3.01 Released
- New Symbian Signed Test Criteria
- Using Accelerometer on Nokia N95
- Platform Security on Apple's iPhone?
- Agile Software Methdology: An Interview with Jim Coplien
- The King of "Mobile Rules '08"
- Save Our Planet
- Free Booklets from Symbian
- Always Remember that Mobile Device has Limited Battery Power
Categories
Antony Pranata's Forum Nokia Blog
Interpreting Platform Security Error Messages in S60 3rd Edition
antonypr | 16 June, 2006 22:38
If you have been reading discussions at Forum Nokia Developer Discussion Board recently, you may notice there are many questions about signing in S60 3rd Edition. It seems the new security feature in Symbian 9 has led to frustration for some developers.
I would like to share what kind of error messages I have seen when installing signed/unsigned application in S60 3rd Edition phones. There is a hint that explains what may cause a particular message. I may not be able to cover all error messages because I may not have seen all of them.
Message: Certificate error. Contact the application supplier.
Hint: You may have tried installing unsigned application. Note that signing is mandatory S60 3rd Edition. You can use self-signed certificate or developer certificate from Symbian Signed to sign your application.
Message: Unable to install. Constrained by the certificate.
Hint: This message pops up when you attempt to install developer certificate in the unsupported device. The developer certificate from Symbian Signed can only be used in a limited number of devices. Remember that you have to send your IMEIs to Symbian Signed when requesting certificate. You cannot use the certificate in other devices that is not in your IMEIs list.
Message: Required application access not granted
Hint: Check that your certificate can be used to sign all capabilities needed by your application. For example, if you use self-signed certificate, you can only sign basic set capabilities, i.e. NetworkServices, ReadUserData, WriteUserData, LocalServices and UserEnvironment. If your application requires one of the extended capabilities, for example SwEvent, you cannot sign it with self-signed certificate. In this case, apply for developer certificates from Symbian Signed.
Message: Unable to install a protected application from an untrusted supplier
Hint: If you use self-signed certificate, make sure that your application uses unprotected UID, i.e. 0xA0000000 - 0xAFFFFFFF. If you use protected UID (0x20000000 - 0x2FFFFFFF) or legacy UID (0x10000000 - 0x1FFFFFFF), you will get this message.
Message: Unable to install
Hint: This message may come up when your installation file (.sis/.sisx) copies files to other application's private folder, i.e. privateuid. Note that Symbian 9 introduces data caging concept, it means you don't have access to other application's private folder.
S60, Symbian C++, Testing |
Next |
Comments (55) | 
Trackbacks (0)
Comments
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
mgroeber9110 | 27/06/2006, 16:05
thanks for this very useful post. I would like to nominate it for inclusion in the next version of the SDK documentation. :-)
I have recently come across two more causes for the last message ("Unable to install"). This seems to be a general "validation" error that can be triggered by various consistency checks on the files being installed. In particular, it can also mean:
- The image of an E32 binary is corrupt, for example as a result of modifying the header without correcting the checksum
- The UID2 of an E32 binary is invalid, for example zero - I suspect that this must be one of a list of well-known UIDs, such as KUidApp
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
mikkoiv | 14/07/2006, 16:23
I encountered one more reason to the "Unable to install"-error. If you have non-GUI exe, the SID has to be explicitly defined, at least when you are using Carbide.c++.
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
SlonUA | 07/11/2006, 15:07
OS: Symbian 3rd ED futured pack 1 (aka v9.1)
During instaling JAR App (J2ME) after ~80% i had a error "Unable To Install" !!!
The problem is ... that Installer have a bug, i think so !!! Than U install JAR from Internet by JAD and connection is lost, installation is interapted AND U are in trouble !!!
After this U can't install any more JAR and can't see in APP.Manager Ur allready installed JARs (few still are)
Do u know this !?! Do U know which files are responsyble for that !?!
Any ideas =) ???
One more thing .. i found file Z:Systemswipolicy.ini
AllowUnsigned = false ***IT'S MY NOTES - THERE I MUST CHANGED IT. IN APP.Manager - INSTALL ALL IS SET TO TRUE - END OF MINE***
MandatePolicies = false
MandateCodeSigningExtension = false
Oid = 1.2.3.4.5.6
Oid = 2.3.4.5.6.7
DRMEnabled = true
DRMIntent = 3
OcspMandatory = false
OcspEnabled = true
AllowGrantUserCapabilities = true
AllowOrphanedOverwrite = true
UserCapabilities = NetworkServices LocalServices ReadUserData WriteUserData UserEnvironment
AllowPackagePropagate = true
SISCompatibleIfNoTargetDevices = false
RunWaitTimeoutSeconds = 600
AllowRunOnInstallUninstall = false
DeletePreinstalledFilesOnUninstall = true
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
symbee | 21/07/2006, 13:22
In this blog,there is no specification about the perticular.
I have self-signed my application and changed my UID accordingly
Kindly help
Symbee
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
chall3ng3r | 02/04/2007, 11:27
"Installer Feature Not Supported!" error is shown when you compile your project using latest feature pack, and running the app on earlier version.i had similar problem when i used 9.2 sdk (FP1) and was trying the app on N73, which is non FP1 device. i used the 9.1 MR sdk, and all worked fine.
also, if you're using 9.1 sdk, try cleaning the project first. so all files are re-generated.
hope it helps,
// chall3ng3r //
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
anorland | 05/08/2006, 00:55
results in exactly the error case you describe (access to other application's private folder).
Just make sure UID3==SECUREID.
-Anders
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
winfoware | 18/08/2006, 17:42
Really very useful for all the 3rd edition developers. Thanks for the info. Keep posting such articals.
We have recently come across one more causes for the last message ("Unable to install").
when copying other than dll, exe and bbp files in sysbin on device (ex:mbm files)
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
alsaleem | 29/08/2006, 06:23
"unable to execute file for security reason"
My application uses gprs, has local data files
What could be the problem?
Thanks
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
bnvaikos | 30/11/2006, 10:40
I m getting error"unable to execute file for security reason" at startup
My application uses gprs,dealing with contacts DB & i have added all available capabilities with developer certificat.
if anybody knows solution do tell me.
thanks
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
bnvaikos | 04/12/2006, 12:50
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
davidmaxwaterman | 19/09/2006, 21:58
"Unable to install. Component is built-in."
I'm not sure of the cause, yet.
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
sainedi | 02/11/2006, 00:07
thanks
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
antonypr | 02/11/2006, 18:01
This is really weird. It seems that some of you devices cannot recognize your certificate.I don't thinks this is the case, but have you checked that your option in E61 allow installation of all files? Check this page out, http://www.s60tips.com/2006/05/25/installing-self-signed-applications-in-s60-3rd-edition/.
Another possibility that comes out in my mind is that your E61 comes from different operator and they have different root certificates. However, even if this is the case, your application should be treated as self-signed application.
Sorry, I really have no idea.
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
thedawn1977 | 30/11/2006, 18:44
As you know, Symbian 9 protection mechanism prevents eclipsing of DLLs and EXEs.
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
antonypr | 01/12/2006, 17:51
Shahar, thanks for the clarification. You're right, this may cause a problem too in Symbian 9.
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
rathodavinash | 02/11/2006, 15:14
I have a problem.
I tried to self sign a simple helloworldbasic application form S60Ex folder (SDK).
I have compiled it using "abld build gcce urel" worked
then i used "makesis helloworldbasic.pkg hello.sis" worked
then i tried
makekeys -cert -password avinash -len 2048 -dname "CN=Avi EM=avithe1@gmail.com" mykey.key mycert.cer
worked
but when i use
signsis hello.sis mycert.cer mykey.key it gives
encryption error, cannot read mykey.key.
What am i doing wrong???
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
antonypr | 02/11/2006, 17:57
You need so specify the output file name. So, the command should look like this:signsis hello.sis hello.sisx mycert.cert mykey.key
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
SlonUA | 07/11/2006, 14:53
OS: Symbian 3rd ED futured pack 1 (aka v9.1)
During instaling JAR App (J2ME) after ~80% i had a error "Unable To Install" !!!
The problem is ... that Installer have a bug, i think so !!! Than U install JAR from Internet by JAD and connection is lost, installation is interapted AND U are in trouble !!!
After this U can't install any more JAR and can't see in APP.Manager Ur allready installed JARs (few still are)
Do u know this !?! Do U know which files are responsyble for that !?!
Any ideas =) ???
One more thing .. i found file Z:Systemswipolicy.ini
AllowUnsigned = false ***IT'S MY NOTES - THERE I MUST CHANGED IT. IN APP.Manager - INSTALL ALL IS SET TO TRUE - END OF MINE***
MandatePolicies = false
MandateCodeSigningExtension = false
Oid = 1.2.3.4.5.6
Oid = 2.3.4.5.6.7
DRMEnabled = true
DRMIntent = 3
OcspMandatory = false
OcspEnabled = true
AllowGrantUserCapabilities = true
AllowOrphanedOverwrite = true
UserCapabilities = NetworkServices LocalServices ReadUserData WriteUserData UserEnvironment
AllowPackagePropagate = true
SISCompatibleIfNoTargetDevices = false
RunWaitTimeoutSeconds = 600
AllowRunOnInstallUninstall = false
DeletePreinstalledFilesOnUninstall = true
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
stodolni | 14/10/2007, 12:58
Thanks in advance to everybody. L. Mura (znojmo@tim.it)
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
antonypr | 14/10/2007, 19:49
You may try the trick described in my other blog, http://www.s60tips.com/2007/01/03/deleting-stuck-installer-files-in-s60-3rd-edition/Basically, you have to delete the .sis file from the MMC using Mass Storage mode. It is a bug in S60 3rd devices.
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
bm | 13/11/2006, 07:21
Thanks for your great post... I faced "unable to install" error and solved it.Now everyting is working fine =) . Now i am facing another problem after install my sis file in App.Manager i got two SIS files one is install another is uninstall like "test installed" and "test uninstalled". my application is working fine but why two sis file i don't understand. Please help me .......
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
antonypr | 13/11/2006, 08:59
The "uninstalled" one is just some kind like cache (that's my understanding). You can remove it safely. I also notice this happens several times, but don't realy know what causes it.
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
antonypr | 30/11/2006, 17:54
I just noticed recently this may happen for example if you transfer .sis files to your phone and then you cancel the installation in the middle. The uninstalled .sis file will be available on the phone. Not sure if this is by design or bug though.
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
stellion | 08/12/2006, 03:38
I'm a real beginner when it comes to Symbian...but I find this article really helpful!
I'm playing around with the HelloWorld application that came with the SDK...I keep on getting the ("Unable to install a protected application from an untrusted supplier") message though :|
My UID is set to: 0xA0000000
If anyone could help, I'd be grateful, If my N80 tells me one more time I'm untrusted, I'm going to go crazy...
Another thing I wanted to ask, is Carbide.C++ (Express 1.1) bad? or is it just Symbian?
Is it easier to develop for Symbian in e.g. VS?
thank you in advance for all your help!
Casper
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
antonypr | 08/12/2006, 10:55
How about the default UID from Hello World application (0xA000017F)? Does it work?About development tool, I would recommend Carbide.c++. Why? Because it seems that Nokia is trying to push Carbide.c++ for future Symbian OS development. I don't think Carbide.vs will be developed further.
Antony
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
stellion | 08/12/2006, 21:42
My .pkg looks as follows:
;Vendor related information
%{"VednorX"}
; standard SIS file header
#{"HelloWorldConsoleApplication"},(0xA000017F),1,70,9
;Supports Series 60 (all versions)
[0x101F7961], 0, 0, 0, {"Series60ProductID"}
;
"C:/Symbian/9.2/S60_3rd_FP1_3/epoc32/release/GCCE/UREL/HelloWorld.exe"-
"!:systemappsHelloWorldHelloWorld.exe"
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
antonypr | 12/12/2006, 23:14
I put a link to Forum Nokia Discussion that is related to this problem so that everybody can track it too,
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
antonypr | 14/12/2006, 23:48
Ops sorry... forgot to put a link, http://discussion.forum.nokia.com/forum/showthread.php?t=79269
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
samuel.weibel@ascom.ch | 18/12/2006, 10:46
1. You are not allowed to install to !:systemapps... on 3rd edition handsets but to !:sysbin.
2. You are using 3rd edition FP1 but neither E61 nor N80 are FP1 but simply 3rd edition. This may not be a problem, but it can...
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
cartman_ume | 02/01/2007, 16:50
I am getting this error "Unable to install. Constrained by the certificate.", above you have the hint that the IMEI is not in the certificate, but I have checked this twice and still get this error, what else can it be?
Could it be that the device does not have the correct root certificate for the developer certificate?
/Erik
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
acadiano | 08/02/2007, 08:19
I HAVE THE E50 AND I HAVE FORMATED IT NOW WHEN I WANT TO INSTALL AN APPLICATION
IT GIVES ME A MESSEGE SAYS : CERTIFICAT MAY NOT BE VALID ,IS EXPIRED OR PHONS DATE SETTING MAY BE INCORECCT
WHAT I HAVE TO DO PLZ HELP
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
antonypr | 08/02/2007, 08:26
Normally that happens if your date on the phone is incorrect. Sometimes if happens if your certificate has future time (compared to your phone's time). Just check your certificate date and your phone's date.
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
edc088 | 26/07/2007, 18:08
We've developed an application for commercial use which has received the Nokia and Symbian signature but are experiencing errors when installing it over the air on certain devices. Unfortunately the error message isnt listed above but I'm hoping someone can help me.
Upon installing via Bluetooth and email everything works as expected and perfectly. But when we click on a link to our server where the application is held the download starts up to about 90% then an error message appears "Installation of filename.sis not supported" and the browser goes white and the download stops. All devices claim not to support the application, most refuse the application and a few ignore it and install the app anyway.
Does anyone have any ideas?
Many thanks
Ed
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
antonypr | 26/07/2007, 18:47
There are two things you may want to check.1) Check whether the URL really downloads the version for S60 3rd Edition app. If it points to S60 2nd Edition, then you may get that message.
2) Check that you have added the right MIME type to your server. Check this discussion, http://discussion.forum.nokia.com/forum/showthread.php?t=76171
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
cezaryk | 08/08/2007, 13:28
it's about self-signed certificate too.
enter
menu / tools / application manager / options / settings / software installation
switch default option <signed only> to <all>
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
litenbubbly | 21/10/2007, 05:18
Signing Problem
ss7guru | 29/10/2007, 18:02
When I run the signsis I get "cannot read WorldCert.cer". The cert was generated with makekeys and the .cer and .key are in the directory with the .sis I want signed.
Any clues?
Signing Problem
ss7guru | 29/10/2007, 19:13
Time
William | 01/11/2007, 14:09
Often with devcerts you got Unable to install if time on your device in wrong.
security warning
Saritha Reddy | 19/03/2008, 07:43
Hi, I m trying to instal a simple hello world application on E61i, it is throwing message "Unable to install a protected application from an untrusted supplier" I m having default UID of helloworld i.e 0xA000017F.
Help me how to clear this error.
BR,
Saritha
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
bytes | 27/03/2008, 17:04
Antony & all,
I have the same problem.
====================================
I am getting this error "Unable to install. Constrained by the certificate.", above you have the hint that the IMEI is not in the certificate, but I have checked this twice and still get this error, what else can it be?
================================
But strangely its installed on some devices and not on some devices.
And those IMEIs are newly added. Its woking on old IMEIs.
We got Publisher ID from Trust Centre.
I am using the following capabilities.
NETWORKSERVICES
READUSERDATA
WRITEUSERDATA
NETWORKCONTROL
WRITEDEVICEDATA
READDEVICEDATA
USERENVIRONMENT
MULTIMEDIADD
SwEvent
I am using latest Symbian Development certificate request Wizard.
thanks for yout time
problem with reinstalling
manish.agarw | 25/10/2008, 10:44
hi everyone :
what i did is take a sis file then
add some data files in my package file
and then create a sisx file from this package file ...now when i install it works fine ...and when i removed it...
and reinstall it again.....a warning comes ...like this application is already exist do u want to replace it...
i don,t know why it happens...
could any body solve my problem
thanks
Reply
support08 | 20/12/2008, 09:56
Re:problem with reinstalling
hankjmatt | 06/01/2009, 08:55
If you have that, you must move the .pkg to the EPOC32tools directory of the SKD you want to use and run everything from there. Otherwise the versions do not match and createsis and signsis cannot open the cert.online games, online game, flash games, free online game, free online games, flash game!
UID Checksum Invalid
prajapatmanoj | 09/01/2009, 11:33
Hi, I have developed an application with S60 3rd Edition FP1. I am using 0xed53c79d as UID3.
I successfully created SIS file. But when I dump content of sis(unsigned) file with dumpsis utility it shows me folloing error
UID checksum invalid
Integrity check failed -20
but show all the files contained in sis when I use -l option with dumpsis.
I checked application UID3 value in mmp file, pkg file, MyApplication.h file and also in MyApplication.uid.cpp file. Every where it is same. Also I define following statement in the mmp file.
UID 0x100039CE 0xed53c79d
UID3 0xed53c79d
What could be the problem? Please help.
tower defense
hankjmatt | 16/01/2009, 15:35
tower defence, tower defense games, tower defense, desktop tower defense, flash tower defence
AYpearl
Briace | 18/02/2009, 08:24
wholesale jewelry
wholesale handmade jewelry
wholesale fashion jewelry
wholesale costume jewelry
handmade jewelry
costume jewelry
jewelry wholesale
wholesale pearl
wholesale crystal
discount jewelry
cheap wholesale
china jewelry wholesaler
wholesale china jewelry
handcrafted jewelry
wholesale jewellery
Am I almost there
digicenter | 19/02/2009, 02:25
I 've been trying to install our S60 application on a E71 for some time now. I 've had all kinds of errors (lots of them are solved in this blog, a shame that I didn't get here sooner...). I managed to fix them all, but now I 'm block.
Before, I tried to install a selfsigned SIS, but I kept on getting "Certificate error. Contact the application supplier.", even when the SymbianSigned Tool told me the signing was ok.
Now, I used the Open Signing to get a signed SIS file. Allthough I selected all of the functions in the list, the error "Required application access not granted." tells me the application still can 't be installed...
Any ideas?
Thx.
Update
digicenter | 19/02/2009, 03:25
I managed to get to the same point "Required application access not granted." with my self signed SIS file. And now I 'm blok again.
Still evolving ...
digicenter | 19/02/2009, 04:00
Ok, maybe I should just try harder. I removed some capabilities in the mmp file (ReadDeviceData, WriteDeviceData, UserEnvironment, NetworkControl and maybe some others are not allowed with self signed apps).
The "Required application access" error was replaced by the next one. No, I just get the "Unable to install" message. Don't know why yet... How can I know if the installation wants to put files in a private folder of some other and more importantly, how can I prevent that?
good tel
hibeads.com | 04/04/2009, 15:42
Hibeads is one of the leading online supplier of
gemstone beads,
semi precious stone beads,precious gemstone beads,natural coral and turquoise jewelry,lampwork beads and lampwork pendant,
pandora style glass beads,
freshwater pearl,
akoya pearl,sea shell pearl,our company specialize in Chinese Turquoise beads and coral beads wholesale, Chinese turquoise wholesale, necklace wholesale,pendants wholesale, bracelets wholesale, freshwater pearl wholesale, We stock all these goods in quantities. With tons of gemstone beads, pearl beads, coral beads,turquoise beads,necklace, pendants and bracelets in stock, on the wholesale cheap price.
pearl jewelry wholesale
Gemstone beads wholesale
Gemstone
Coral Jewelry
Turquoise Jewelry
Pandora Jewelry
Freshwater Pearl Jewelry
Akoya Pearl
Shell Pearl
Jewelry Clasps
Jewelry blog
wholesale pearl jewelry http://www.wspearl.com
wholesale gemstone beads http://www.hibeads.com
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
brg8 | 13/06/2009, 16:04
Ok, maybe I should just try harder. I removed some capabilities in the mmp file (ReadDeviceData, WriteDeviceData, UserEnvironment, NetworkControl and maybe some others are not allowed with self signed apps).
The "Required application access" error was replaced by the next one. No, I just get the "Unable to install" message. Don't know why yet... How can I know if the installation wants to put files in a private folder of some other and more importantly, how can I prevent that?
شات-العاب-
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
Alexa123 | 18/06/2009, 03:46
It's really quite evident that this is a powerful component of reform in money saving vouchers and coupons for government regulations. It is becoming increasingly clear that saving money and online savings play strongly into online printing discount vouchers and coupon codes. Furthermore, this useful resource for Vistaprint Voucher has made it easier to save money and beat the recession with vouchers and coupons. Added to this is an important element of online printing discounts with regard to the money saving relevancy of Vistaprint Discounts, which is why it is crucial that discount vouchers and coupon codes will help beat the recession for printing online discounts with vistaprint.
wholesale replica handbags
hym | 02/07/2009, 12:18
Re: Interpreting Platform Security Error Messages in S60 3rd Edition
samposuv | 20/06/2006, 18:37
This is very useful and relevant information, thank you. It's a pity that these error messages are still on the same level as error messages were in the 1980s! A lot more could be done very easily at the operating system level (if they just read Alan Cooper's book). This would help development and save everyone's time.
In the beginning these cryptic minimalistic error messages do cause a lot of confusion. Everything seems correct and your phone just keeps telling you that you are untrusted. Or that he is unable to install. With no further hints whatsoever. It could easily say, for instance: "You are trying to install a self-signed application but your UID is on the protected range. Please change your UID to the unprotected range and try again."
Two more hints for developers:
1. During development sometimes it helps to go the App.Manager and uninstall a previously installed (specially if the installation has failed which often creates strange dirty remnants) version of your application. It may be the cause why your newer version can not be installed. I don't know why this happens, but we have seen this on a number of occasions.
2. Sometimes uninstalling is not enough. If all else fails, a very useful short code is *#7370#. It resets the phone to factory settings and some 30 seconds later you are ready to install any test version again. If the error message was indeed caused by a previous version you will not get an error message any more. At least for one round of testing...
By the way, the 'lock code' for doing the factory reset operation *#7370# is usually 12345.