[英]Is it okay to sign two different applications with the same key?
I have made two versions of my application, a "large" version, and a "mini"/"lite" version. 我已经制作了两个版本的应用程序,一个“大”版本和一个“迷你”/“精简版”。
Should I be signing both of these with the same key? 我应该使用相同的密钥签署这两个密钥吗? Or should I sign with a unique key for each of them?
或者我应该为每个人签一个独特的钥匙?
What are the repercussions of signing multiple applications with the same key? 使用相同的密钥签署多个应用程序会产生什么后果?
Signing is used mainly to identify an application's developer. 签名主要用于标识应用程序的开发人员。 If anything, you're suppose to sign all applications you make with the same key.
如果有的话,您可以使用相同的密钥对所有应用程序进行签名。
The Android system requires that all installed applications be digitally signed with a certificate whose private key is held by the application's developer.
Android系统要求所有已安装的应用程序使用其私钥由应用程序开发人员持有的证书进行数字签名。 The Android system uses the certificate as a means of identifying the author of an application and establishing trust relationships between applications.
Android系统使用证书作为识别应用程序作者和在应用程序之间建立信任关系的手段。 The certificate is not used to control which applications the user can install.
证书不用于控制用户可以安装的应用程序。 The certificate does not need to be signed by a certificate authority: it is perfectly allowable, and typical, for Android applications to use self-signed certificates.
证书不需要由证书颁发机构签名:Android应用程序使用自签名证书是完全允许的,也是典型的。
Read everything here: http://developer.android.com/guide/publishing/app-signing.html 阅读所有内容: http : //developer.android.com/guide/publishing/app-signing.html
Please sign your apps with the same certificate only in case you need to share data, or other resources. 如果您需要共享数据或其他资源,请使用相同的证书对您的应用进行签名。 Some disadvantages of signing with the same certificate:
使用相同证书签名的一些缺点:
If your app certificate is compromised , all your apps are in danger. 如果您的应用证书遭到入侵 ,您的所有应用都会面临危险。 Certificate holder can create fake updates for your apps to steal users data etc.
证书持有者可以为您的应用创建虚假更新以窃取用户数据等。
If you wanna sell one of your apps , you have to compromise your certificate to the buyer. 如果您想销售其中一个应用 ,则必须将您的证书泄露给买方。
If you lose your certificate , you will be unable to make updates for all your apps. 如果您丢失了证书 ,则无法为所有应用程序进行更新。 You will be forced to create new packages (new apps) for all of them.
您将被迫为所有这些包创建新包(新应用程序)。
If one of your apps has signature level permission , or allows user id sharing , all your apps can take advantage of this! 如果您的某个应用具有签名级别权限 ,或允许用户ID共享 ,则您的所有应用都可以利用此功能!
Happy signing! 快乐签约!
使用相同的密钥对应用程序进行签名允许他们访问彼此的数据。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.