Menu
Updated:
I found that I can submit the same CSR for both dev and production when creating certs for iOS push notification.
For a single app I need to create 2 certs (dev/production), so for 10 app, I need to create 20 certs - which is a nightmare for certs management and pollute my keychains, so I am thinking by submitting the same CSR (hence same private key)..just more easy to maintain the stuffs.
I want to know if any drawbacks and are you also doing the same way to reduce the effort in keys/certs management?
970
You can create at most 2 APNS certificate for each app bundle id you have. 1 for Development and 1 for Production. To create an APNS certificate, you need to choose: Apple Push Notification service SSL (Sandbox) for Development.
APN certificate(s) downloaded from Apple only have one year validity from the date it was created. Ensure that the managed iOS devices do not have to be re-enrolled into TMMS for Enterprise when an APN certificate expires after a year.
The Certificate Signing Request (CSR) that you send to Apple contains your public key, some personal information about you and is signed using your private key. Apple then uses the public key in the CSR to verify that your CSR came from you before issuing your certificate (which contains your public key).
An iOS push notification is a message that pops up on an Apple device such as an iPhone. Before receiving push notifications from an app, iOS device users must explicitly give permission. Once a user opts-in, mobile app publishers can send push notifications to the users' mobile devices.
You don't necessarily have to use different private keys for development and production, but you should, especially if you are working in a large team or with external developers.
Every developer that has to test the notification code will need to have access to the private key for the development certificate. If you use the same key for the production certificate you also give them access to sending notifications in the production system. It all comes down to trust - do you trust that every developer on your team won't use the key to play mischief with your paying customers, now and forever?
If you're working alone, or if you really trust everyone on your team completely go ahead and use a single key. But think about the consequences if someone misuses the key.
166
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
