Motorola doesn't provide any way to install new root certificates for Java (despite there being an interface to install them for SSL) and the only root certificates installed other than their own is the lucrative "Java Verified" monopoly certificate.
- Add the certificate to /ezxlocal/download/appwritecmsec/.policy/._policy.txt:
CA Cert Signing Authority (anything) 2 1 MIIHPTCCBS... (root certificate) 0 0 0 0This will make it appear in the list of Java Root Certificates under Security Settings. That's all it does. The following two files are actually used by the JVM.
- Add the certificate to /ezxlocal/download/java/.policy/._policy.txt:
domain: C=;L=;O=Root CA;OU=http://www.cacert.org;CN=CA Cert Signing Authority 2 1 AAAcHBwcHB... (copy this from the UTI certificate) MIIHPTCCBS... (root certificate) FrUyG9TH8+DmjvO90rA67rI5GNE= (unknown) 1049027389 (start date) 1995712189 (end date)
- Add the certificate to /usr/securesetup/.policy/_devdomain.txt:
domain: CA Cert root certificate (anything) type: 2 rootcert: MIIHPTCCBS... (root certificate) allowchangestatus: 0
- Where the root certificate is specified, it's in DER format and Base64 encoded all on one line.
- I copied the unknown part in the second policy file from the UTI certificate and it was automatically updated for me (including the domain DN).
- Somehow /ezxlocal/download/java/.policy/._hmac.txt was not world readable, which is required to run the MIDlet from the menu.