iOS 签署程序;吊销证书并上传新版本
iOS Signing procedure; revoke certificate and upload a new version
我是 iOS 开发的新手,签名过程有些混乱。
让我们假设以下场景:
- 有人开发了新的 iOS 应用程序并通过该应用程序分发
商店。
- 假设某人由于某种原因他们当前安装的 mac OS 炸了,he/she 现在重新安装 OS 但 he/she没有备份他的私钥(iOS 开发和 iOS 分发)。
- 时间过去了,那个人现在想推送一些更新。
- 他现在撤销旧证书并创建新证书,签署应用程序并将其上传到应用程序商店。
来自docs
Code signing also allows your app’s signature to be removed and re-signed by a trusted source. For example, you sign your app before uploading it to iTunes Connect, but Apple re-signs it before distributing it to customers
据了解,Apple 会删除我的签名并使用他们的密钥签名。
所以问题是:
iOS分发证书只要一直上传新版本到app store,是不是有问题?
是的,您可以撤销并创建一个新的 iOS 分发证书,如果 您是通过 App Store 分发的并且没有与任何其他人合作依赖该私钥/证书的开发人员。
更重要的是你要防止你的私钥落入错误的人手中。作为 Apple says here:
Because the private key is stored locally on your Mac, protect it as you would an account password. Keep a secure backup of your public-private key pair. If the private key is lost, you’ll have to create an entirely new identity to sign code. Worse, if someone else has your private key, that person may be able to impersonate you. In the wrong hands, someone might attempt to distribute an app that contains malicious code. Not only could that cause the app to be rejected, it could also mean your developer credentials could be revoked by Apple.
如果您要分发企业应用程序,使用企业代码签名,您的私钥就更为重要。如果您撤销企业分发证书,您的应用程序最终将停止工作。 (这不会立即发生 - 它会在下次 iOS 设备打电话回家检查其配置文件是否仍然有效时发生)。
我是 iOS 开发的新手,签名过程有些混乱。
让我们假设以下场景:
- 有人开发了新的 iOS 应用程序并通过该应用程序分发 商店。
- 假设某人由于某种原因他们当前安装的 mac OS 炸了,he/she 现在重新安装 OS 但 he/she没有备份他的私钥(iOS 开发和 iOS 分发)。
- 时间过去了,那个人现在想推送一些更新。
- 他现在撤销旧证书并创建新证书,签署应用程序并将其上传到应用程序商店。
来自docs
Code signing also allows your app’s signature to be removed and re-signed by a trusted source. For example, you sign your app before uploading it to iTunes Connect, but Apple re-signs it before distributing it to customers
据了解,Apple 会删除我的签名并使用他们的密钥签名。
所以问题是:
iOS分发证书只要一直上传新版本到app store,是不是有问题?
是的,您可以撤销并创建一个新的 iOS 分发证书,如果 您是通过 App Store 分发的并且没有与任何其他人合作依赖该私钥/证书的开发人员。
更重要的是你要防止你的私钥落入错误的人手中。作为 Apple says here:
Because the private key is stored locally on your Mac, protect it as you would an account password. Keep a secure backup of your public-private key pair. If the private key is lost, you’ll have to create an entirely new identity to sign code. Worse, if someone else has your private key, that person may be able to impersonate you. In the wrong hands, someone might attempt to distribute an app that contains malicious code. Not only could that cause the app to be rejected, it could also mean your developer credentials could be revoked by Apple.
如果您要分发企业应用程序,使用企业代码签名,您的私钥就更为重要。如果您撤销企业分发证书,您的应用程序最终将停止工作。 (这不会立即发生 - 它会在下次 iOS 设备打电话回家检查其配置文件是否仍然有效时发生)。