我應該為dev / production iOS推送通知證書使用相同的CSR嗎?

[英]Should I use the same CSR for both dev/production iOS push notification cert?


Updated:

I found that I can submit the same CSR for both dev and production when creating certs for iOS push notification.

我發現在為iOS推送通知創建證書時,我可以為開發和生產提交相同的CSR。

For a single app I need to create 2 certs (dev/production), so for 10 app, I need to create 20 certs - which is a nightmare for certs management and pollute my keychains, so I am thinking by submitting the same CSR (hence same private key)..just more easy to maintain the stuffs.

對於單個應用程序,我需要創建2個證書(開發/生產),因此對於10個應用程序,我需要創建20個證書 - 這是證書管理的噩夢和污染我的鑰匙鏈,所以我想通過提交相同的CSR(因此相同的私鑰)..更容易維護的東西。

I want to know if any drawbacks and are you also doing the same way to reduce the effort in keys/certs management?

我想知道是否有任何缺點,您是否也采取相同的方式來減少密鑰/證書管理的工作量?

3 个解决方案

#1


20  

You don't necessarily have to use different private keys for development and production, but you should, especially if you are working in a large team or with external developers.

您不一定必須使用不同的私鑰進行開發和生產,但您應該,尤其是在大型團隊或外部開發人員中工作時。

Every developer that has to test the notification code will need to have access to the private key for the development certificate. If you use the same key for the production certificate you also give them access to sending notifications in the production system. It all comes down to trust - do you trust that every developer on your team won't use the key to play mischief with your paying customers, now and forever?

每個必須測試通知代碼的開發人員都需要訪問開發證書的私鑰。如果對生產證書使用相同的密鑰,則還可以授予他們在生產系統中發送通知的權限。這一切都歸結為信任 - 您是否相信您的團隊中的每個開發人員都不會使用密鑰來與您的付費客戶惡作劇,現在和永遠?

If you're working alone, or if you really trust everyone on your team completely go ahead and use a single key. But think about the consequences if someone misuses the key.

如果你是獨自工作,或者你真的相信團隊中的每個人都完全繼續使用一把鑰匙。但想想如果有人誤用鑰匙會帶來的后果。

#2


0  

Look here ProvisioningDevelopment

看看這里ProvisioningDevelopment

You must get separate certificates for the sandbox (development) environment and the production environment. The certificates are associated with an identifier of the application that is the recipient of push notifications; this identifier includes the application’s bundle ID. When you create a provisioning profile for one of the environments, the requisite entitlements are automatically added to the profile, including the entitlement specific to push notifications, . The two provisioning profiles are called Development and Distribution. The Distribution provisioning profile is a requirement for submitting your application to the App Store.

您必須為沙箱(開發)環境和生產環境獲取單獨的證書。證書與作為推送通知的接收者的應用程序的標識符相關聯;此標識符包括應用程序的包ID。為其中一個環境創建配置文件時,必需的權利會自動添加到配置文件中,包括特定於推送通知的權利。這兩個配置文件稱為開發和分發。分發配置文件是將應用程序提交到App Store的要求。

#3


0  

To rephrase shannoga's answer. while you could get away with using the same cert in the dev stage, each app needs proper certificates when being submitted to the appstore. It is best if create proper certs for apps in both stages that way you are sure to meet Apples standard.

重新描述shannoga的答案。雖然您可以在開發階段使用相同的證書,但每個應用程序在提交到appstore時都需要適當的證書。最好是在兩個階段為應用程序創建適當的證書,以確保符合Apples標准。

Just because something works, does not make it right. By properly maintaining certs in the dev stage, it will make it easier when you have to transition to production as your code won't rely on short cuts.

僅僅因為有些東西有效,就沒有做對。通過在開發階段正確維護證書,當您必須轉換到生產時,它將更容易,因為您的代碼不依賴於捷徑。


注意!

本站翻译的文章,版权归属于本站,未经许可禁止转摘,转摘请注明本文地址:https://www.itdaan.com/blog/2012/08/16/7299a76f37d9a818cfd66869fa5f5ae2.html



 
粤ICP备14056181号  © 2014-2020 ITdaan.com