Is it safe to share the iOS Enterprise Distribution Certificate with external developers?
I am in the following situation: We have an enterprise developer account and for an app we are working with an external developer.
At the moment we do not have access to the source code so we can’t make builds, but we still need to have weekly builds that can be installed on devices… therefore the external developer needs to be able to build ipa files.
The developer is now a member of the developer program and has their own developer certificate. However, there can only be one distribution certificate.
From a security point of view, is it safe/recommended for us to share the distribution certificate (and the private key) and a provisioning profile so they can build ipa files?
Are there any other (safer) choices?
PS: I was also thinking that we could resign an ipa with our distribution certificate but it still leaves us in the situation where they need to be able to build an ipa – and this is only possible with a distribution certificate + provisioning installed.
2 Solutions Collect From Internet About “Is it safe to share the iOS Enterprise Distribution Certificate with external developers?”
You can have your external developer to sign with whatever he wants and then you can re-sign the IPA and use it. This way the source code is “safe” in the developer’s perspective and you can use your IPA signed with your certificate. I normally use this, but you can do it in the command line too…
As for your Post Scriptum part, that’s not true… I have the experience of working with external agencies where they use their own certificate and provisioning and when I receive their IPA I only need to re-signed it.
They can be responsible for creating their own profile, and you can simply send them your p12 key (no big deal). You can also just give them the distribution certificate.
To be honest, I’ve never been in a situation where an employer or contractor was hesitant to give me their certificate & p12 file. So I’ve never thought much of it!
- iOS APNS “best-effort” fallback
- What precisely happens when iOS installs an update to an app?
- updatesearchresultsforsearchcontroller not called
- Why has NSNumber such strange retainCounts?
- Swift 3.0, Alamofire 4.0 Extra argument 'method' in call
- Changing UILabel text has delay, but why?
- iOS Swift – Get the Current Local Time and Date Timestamp
- Check if an URL has got http:// prefix
- Is it possible to add fixed content to a UIScrollView?
- Why Xcode 7 shows *.tbd instead of *.dylib?
- Why does git add&remove the Storyboard <classes> section repeatedly?
- Prepare for Segue in Swift
- iOS : Inserting multiple rows in UITableview with insertRowsAtIndexPaths
- Add blur effect on a Mapbox
- One C# game to rule them all(iOS, Android, WP7, W7, Mac OS X and XBOX)