That's about it except that the key is generated in the first place by running
genkey when you Telnet to port 8080. It's
genkey that produces the key and password pair. Is that handled by your deployment script? If so, make sure every time your deployment script runs it's not generating a new key (and spitting out a new password).
The Roku unit stores the key somewhere and uses that along with the password to encrypt/sign the package. You can change the current key by rekeying using the web interface (uploading a package file and providing the appropriate password) or running
genkey to produce a new key/password pair. You can develop with any box that's using any key (or none at all). It's only when you create the final package to upload to the developer site that you want to make sure the box is keyed properly.
I have to take something back about trying to upload a package with a different key. In the past the developer site didn't complain about the key being different from the previous package, but I think it does now. It's not something I've tried recently.
-JT
Roku Community Streaming Expert
Help others find this answer and click "Accept as Solution."
If you appreciate my answer, maybe give me a Kudo.
I am not a Roku employee.