Code signing & OCSP
So, I'm attempting to load a signed MIDlet onto a few Nokia and Motorola phones. Unfortunately, I am encountering certificate problems. I have the proper certificate from Verisign, but I am having problems when it comes to loading the midlet onto the phone.
On the Nokia, I call up the browser and download the JAD file from our site. Then, it proceeds to attempt to install the JAR from the URL specified in the JAD. Somewhere along that process, however, the OCSP server from Verisign is contacted and this throws off the installation process as it fails. I called Verisign and they suspect that the device (first a Nokia S60 emulator) and then a Motorola Razr doesn't understand how to interpret the response from the OCSP server.
I'm wondering if this has anything to do with the certificate specifying ocsp.verisign.com in it, or is it something else. What has anyone else done to get a signed MIDlet onto a device despite signing issues?
We bought a Verisign Code Signing cert, but we're wondering if we should give it back (we're within the 30 day window) and buy another cert from elsewhere (one of those Java Verified certs, for example).
Any thoughts? Thanks in advance!
