Certificate Management in Windows Mobile-based Devices
OEMs, Mobile Operators, and ISVs use certificates to sign applications and files that run on Windows Mobile-based Pocket PCs and Smartphones. Certificates are contained in a certificate stores on the device.
The following table shows the certificate stores.
| Certificate store | Description |
|---|---|
| Privileged Execution Trust Authorities | Contains privileged trust certificates. Applications signed with a certificate belonging to this store will run with privileged trust level. The role mask does not matter for this store. |
| Unprivileged Execution Trust Authorities | Contains normal trust certificates. Applications signed with a certificate belonging to this store will run with normal trust level. The role mask does not matter for this store. |
| SPC | Contains Software Publishing Certificates (SPC) used for signing .cab files and assigning the correct role mask to the .cab file installation. |
| Root | Contains root, or self-signed, certificates. |
| CA | Contains cryptographic information, including intermediary certification authorities. |
| MY | Contains end-user personal certificates. |
For more information about the certificate store, see CertificateStore Configuration Service Provider.
The following topics discusses the PKI hierarchy recommendation for OEM, Mobile Operators, and ISVs.
In this Section
Certificate Management for Mobile Operators and Application Signing
Certificate Management and Application Signing for ISVs
Removing Test and Development Cerfiticates
Send Feedback on this topic to the authors