1 个密钥库签署所有应用程序还是每个应用程序 1 个? [英] 1 Keystore to sign all apps or 1 per app?

问题描述

我想知道哪个是更受欢迎的选项，拥有 1 个密钥库来签署您发布的所有应用程序，并将该密钥库复制到云和本地以确保其安全，或者为每个提交的新应用程序生成一个新的密钥库，以及保留所有副本?

I am wondering which is the more popular option, Having 1 keystore to sign all the apps you publish, and duplicating that keystore into the cloud and locally to keep it safe, or generating a new keystore for every new app submitted, and keeping copies of all of them?

为所有内容拥有 1 个密钥库似乎更容易，但尽管复制了它，我还是担心它会损坏并失去对所有应用程序的访问权限.

It seems easier to have 1 keystore for everything, but despite duplicating it, im afraid of it getting corrupted and loosing access to all of the apps.

这种情况的最佳方法是什么?

Whats the best approach for this situation?

推荐答案

如果您使用相同的密钥库，您的应用程序将更容易协同工作.通过让他们使用相同的密钥签名，您可以使用共享 UID(不推荐)，或使用基于签名的权限.这将使导出某些数据或功能成为可能，并仅限制对您自己的应用程序的访问(使用 ContentProvider 或远程服务).缺点是，如果丢失密钥，则必须重新发布所有应用程序.

If you use the same keystore, it will be easier to make your apps work together. By having them signed with the same key, you can use a shared UID (not really recommended), or use signature based permissions. That would make it possible to export certain data or functionality and restrict access to your own apps only (using a ContentProvider or a remote service). The downside is, that if you loose the key, you'll have to republish all apps.

如果您使用单独的密钥库，则可以更轻松地将应用转移给其他人(为他们提供密钥库和密码).此外，如果您丢失/损坏了密钥库，您只需重新发布一个应用程序.

If you use separate keystores, it's easier to transfer an app to someone else (give them keystore and password). Additionally, you need to re-publish only one app if you lose/corrupt the keystore.

任您挑选，但我想说的是:使用相同的密钥库并进行大量备份.我也会在不同的位置使用物理媒体(CD 等)，而不是云"，但这也是您的选择.

Take you pick, but I'd say: use the same keystore and make lots of backups. I would also use physical media (CD, etc) in separate locations, rather then the 'cloud', but that's your choice too.

这篇关于1 个密钥库签署所有应用程序还是每个应用程序 1 个?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！