Wednesday, 18 April 2007

Unlocking a Smartphone for development


To develop on a Windows Smartphone you will first need to get the SDK certificates to sign against installed. This is a non-trivial process which involves a couple of registry entry changes and the installation of a CAB file.
First a signed registry editor must be located to run on your target device. These can be found by doing an Internet search for "REGEDIT.EXE". When found copy the EXE onto the device, launch it and change the following registry values:
  • Navigate to HKLM\Security\Policies\Policies\
  • Change the "00001001" value to a decimal 1
  • Change the "00001005" value to a decimal 40
  • Reboot the device
At this point your Smartphone is "Unlocked" to run any code. In the development environment we want to be able to sign code against the correct privileged certificates. The next step is to install these certificates.
  • First install the Windows Mobile Smartphone SDK. This is available here from Microsoft.
  • Copy the file C:\Program Files\Windows CE Tools\wce500\Windows Mobile 5.0 Smartphone SDK\Tools\SDKCerts.cab onto the device.
  • Launch the CAB file.
  • Reboot the device.
It is now advisable to "Re-lock" your Smartphone so that you can check you are signing your application against the right security certificates. This is done by launching "REGEDIT.EXE" and changing the following registry values:
  • Navigate to HKLM\Security\Policies\Policies\
  • Change the "00001001" value to a decimal 2
  • Change the "00001005" value to a decimal 16
  • Reboot the device
See Stuart Preston's Blog for more information.

1 comment:

VictorG said...

In case you were not aware, you can also use the Security Configuration Manager Powertoy from Microsoft. http://blogs.msdn.com/windowsmobile/archive/2006/06/22/643027.aspx

Also, I understand it's being incorporated into VS. http://blogs.msdn.com/windowsmobile/archive/2007/04/25/security-configuration-manager-powertoy-an-orcas-feature.aspx