Once development has finished and applications are to be deployed to the target dongles:

  • The release object file (known as an ALU) must be generated.
    • During development an unprotected ALU is generated by the postbuild.bat script
    • For deployment it is best practice to generate a protected (code and data is signed) or confidential (code and data is signed, data is encrypted) ALU.
    • The tools folder of the workspace has scripts and tools for doing this.
  • The actual load certificates (ALCs) to be used must be obtained (from the MULTOS Key Management Authority (KMA)) specifying the final application details and application signing keys.
    • You may want to specify your own AID
    • A JSON Application Definition file is generated in the Debug folder that can be used for registering the application in the KMA.
  • Delete certificates (ADCs) may be requested (required per device) by specifying the device serial numbers in an mcd-id-list file. See the section on enablement for instructions on how to obtain an mcd-id-list file for your device(s).