Comment on page
Appfigurate generates a unique 2048-bit RSA private key as part of an app's metadata record that is used for signing configuration payloads. To protect app metadata records you should follow these best practices:
We rely upon you and your Mac's security. You Mac should be up-to-date with all security patches applied, firewall enabled, FileVault on. You should use a strong password on boot and screen unlock.
In a large development team it may be beneficial to restrict the distribution of real app metadata records to selected team members. Other team members can continue to test debug builds using the following instructions:
Ensure your app's
YESfor debug builds and
NOfor release builds. Do not replace the real public key in the
APLConfiguration.publicKeymethod with the newly generated (wrong) public key.
If you need to share an app metadata record (with the real private key) across devices in your team, you should limit the ability to re-export the app's metadata record on the new device. You can do this when exporting from your device by leaving the
Exportableswitch off. When the app metadata record is imported into the new device, it will not be exportable from that device, and it will expire after 180 days.
When including Appfigurate library into release builds (App Store/TestFlight Beta/Enterprise/Google Play/Alpha track/Beta track), you should ensure that:
- 2.If you have overridden the default behaviour of
APLConfiguration.allowInvalidSignatures, that you've checked it returns the correct value for debug and release builds. To test this, use Appfigurate to read the current configuration of your app. If a release build reports
Debug build - App allows invalid signaturesthen your implementation of
- 3.You can test applying configuration using a wrong signature to a release build by long-pressing the
Apply⌄button, then tapping the
Apply invalid to this deviceaction. Your app will be launched with a configuration payload signed by an invalid key. If the configuration is successfully applied, then your implementation of