我是 iOS 开发新手,签名过程有点困惑。
让我们假设以下场景:
来自 docs
Code signing also allows your app’s signature to be removed and re-signed by a trusted source. For example, you sign your app before uploading it to iTunes Connect, but Apple re-signs it before distributing it to customers
据了解,Apple 将删除我的签名并使用他们的 key 签名。
所以问题是:
只要您始终将新版本上传到应用商店,您在撤销并重新创建 iOS 分发证书时是否会出现问题?
是的,您可以撤销并创建新的 iOS 分发证书,如果您正在通过 App Store 分发并且没有与依赖该私钥的任何其他开发人员合作/证书。
更重要的是要防止您的私钥落入错误的人手中。如Apple says here :
Because the private key is stored locally on your Mac, protect it as you would an account password. Keep a secure backup of your public-private key pair. If the private key is lost, you’ll have to create an entirely new identity to sign code. Worse, if someone else has your private key, that person may be able to impersonate you. In the wrong hands, someone might attempt to distribute an app that contains malicious code. Not only could that cause the app to be rejected, it could also mean your developer credentials could be revoked by Apple.
如果您使用企业代码签名分发企业应用程序,那么您的私钥更为重要。如果您撤销企业分发证书,您在野外的应用程序最终将停止工作。 (这不会立即发生 - 下次 iOS 设备打电话回家检查其配置文件是否仍然有效时会发生)。
关于iOS 签名程序;吊销证书并上传新版本,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47555032/
| 欢迎光临 OGeek|极客世界-中国程序员成长平台 (http://ogeek.cn/) | Powered by Discuz! X3.4 |