2

Here's my scenario. I work on a team of 3 developers. Currently I am the only one who does iphone development so at this point we have 1 project that I created, tested and then created a deployment certificate so I could build it and deploy it to a few devices. 1 developer, 1 app, it's all pretty straight forward. Here is where my problem lies.

Now lets say one of the other developers has to checkout the source code, make a change and redeploy, and I am not around, nor is the computer that I developed on. I have read everything I could find and I understand the other developer would need to download the distribution certificate and deployment provisioning profile and that I would also need to export the private key of the distribution certificate to the .p12 format for them to put on their machine. This all works as said.

The question I have and what I can't seem to figure out is that the distribution certificate I created is signed with my developer private key. I feel like that should not be the case because if I export this and give it to them they now have my private key which from what I can tell is something you are supposed to keep secret and in a safe place for me to develop on other machines or in case I need to reinstall, not something I would give to other developers just so they can deploy. And vice versa when they create an application and I need to make changes and deploy.

I have searched everywhere for an answer but I don't seem to be able to find the exact answer I need to understand what I am missing. Maybe I'm just missing some essential concept.

  • Is there a way to create a distribution profile with a private key of my company rather than myself? Or even a key that I can name for each project if I have to create a distribution certificate for each project.
  • Is sharing my personal private key attached to the distribution certificate wrong/bad?
  • What can they do with my private key? I feel like we should have a company private key or something.

I know this is long winded but I am really at a loss at this point. Here is another post that is similar and it also links to another post that was having the same problem that from what I can tell didn't get answered clearly, at least as far as I can tell.

Enabling multiple team admins to build an app for distribution in XCode 4.3?

Any help for how a team of developers can all build and deploy without sharing their private keys would be greatly appreciated. I assume it's simple because I can't imagine other companies are deploying from a single machine.

Jon

Community
  • 1
  • 1
Jon
  • 61
  • 3

2 Answers2

1

The answer (like the question) is somewhat longer:

1) As a rule, distribution provisioning profiles (Ad-Hoc, Enterprise InHouse and AppStore) are using different certificate/key pairs then development provisioning profiles. There are clearly marked as such in the provisioning portal (e.g. developer certificate, distribution certificate, and push certificate).

2) Companies tend to limit the access to distribution keys, as their leakage introduces significant security implications (e.g. someone could try to distribute your application with malware etc). A common practice is to have one to three designated "Signers"

3) As for one agains multiple distribution certificates: there is a limit on the number of distribution certificates you can have (I think it's two). Also, in case of distribution provisioning profiles, you are allowed to pick only one. So if you would like to use two keys/certs regularly, you would have to have two provisioning profiles for the same app. Trust me! xcode will make you regret this idea!

Bonus note: In theory it should be possible to create a CSR (certificate signing request) with a private/public key pair of your choice, instead of the default behaviour of generating a new one. More here

Community
  • 1
  • 1
Antoni Kedracki
  • 159
  • 3
0

Your developer private key is not being used with the distribution certificate. There are two private keys involved with your scenario above.

Open Keychain Access, select your login keychain and select "My Certificates" under category.

1) Your developer private key should never need to be shared with another developer. It is unique and for your use only. Only if you are migrating to a new computer should you need to export this. In your Keychain Access application, you will see this certificate listed as "iPhone Developer: Your Name"

2) The distribution certificate has a separate private key. It is located on the computer that created the distribution certificate request and is in the Keychain Access application listed as "iPhone Distribution: Your Company Name". You will need to export this certificate (including both public and private keys) to allow someone else to create an enterprise distribution using the EXISTING provisioning profile. For information of how to export these keys, see: https://stackoverflow.com/a/9418712/600753

I recommend the above approach, but another alternative is to have the other developer create another distribution certificate and another provisioning profile. This approach has a tendency to confuse the auto selection of the provisioning profiles within Xcode and is usually more trouble than it's worth.

Community
  • 1
  • 1
picciano
  • 22,341
  • 9
  • 69
  • 82