Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Reuse Development C.S.R. for Distribution certificate

So, I've created a development certificate for my iPhone app, and in the process I saved a C.S.R as a CertificateSigningRequest.certSigningRequest file on the computer hard drive with Keychain Access Certificate Assistant. It seems to me that Apple asks for an exactly same file to be generated and saved onto the hard drive for requesting a distribution certificate as well. Can I reuse the request file I already created for development to request a distribution certificate? I know I'll be allowed to use the file, but will this create a problem later down the road somehow?

like image 911
Alex Avatar asked Jul 20 '10 16:07

Alex


People also ask

How do I renew my Apple distribution certificate?

Distribution Certificates Must Be Renewed Periodically To continue distribution, navigate to the Devices organizer in Xcode. Select the expired profile and click Renew Profile in the red bar at the top. This will renew your expired certificate and add it to the provisioning profile.

What happens when distribution certificate expired?

If your certificate expires, passes that are already installed on users' devices will continue to function normally. However, you will no longer be able to sign new passes or send updates to existing passes. If your certificate has been revoked, your passes will no longer function properly.

Can I have multiple distribution certificates?

You can only have one distribution and development certificate. However you can have multiple distribution profiles. So in your case, you can use the same distribution certificate to create an adhoc distribution profile and an app store distribution distribution profile.


1 Answers

Short Answer

You can, but then both your development and distribution certificates will be tied to the same public/private key pair (which is generated when you create the certificate request).

Details

Applications can be signed with a certificate by anyone who has the private key with which that certificate is associated.

Applications must be signed with a development certificate to run and debug on a device.

Applications must be signed with a distribution certificate to be submitted to the App Store. (Distribution-signed applications can also be run on a device, but you can't attach a debugger to them.)

In larger organizations, each developer has their own developer certificate (with their own public/private key pair). Additionally, there's one distribution certificate (also with its own public/private key pair).

This allows the organization to:

  • Closely guard the distribution private key, only allowing access to the individuals that perform the final step of signing the application for submission to App Store.
  • Revoke individual developer's certificates without affecting other developers.

If you're an individual developer and not trying to grow a studio, probably none of this will matter much to you because you're going to be both the developer and submitter.

like image 81
Jon-Eric Avatar answered Sep 21 '22 22:09

Jon-Eric