iPhone: What is a WWDR intermediate certificate?

In the Apple Developer Portal, in Certificates, Developer (or Distribution) it says:

"If you do not have the WWDR intermediate certificate installed, click here to download now."

I don't even know what that means. Do I need to download and run that? or do I need to only download the current certificate only?

54517 次浏览
小开
最佳答案

You need to download it and double click on it. It will get stored in your computer's KeyChain. It can be described best as something like root level certificate authority that affirms that your development or distribution profile certificate was issued by Apple's WWDR and not forged somewhere else.

小开

The WWDR certificate is needed to tell Xcode that your other certificates are valid. You need to download them all and drop them on your KeyChain.

小开

iPhone Game Development book says:

WWDR certificate

Apple’s World Wide Developer Relations (WWDR) certificate is available from Apple at http://developer.apple.com/certificationauthority/AppleWWDRCA.cer. Download and install the certificate so that you can use it to certify builds. The WWDR certificate links your development certificate to Apple, completing the trust chain for your application.

小开

WWDR certificate is required since it contains the public key of the Certificate Authority(CA).Here the Certificate Authority is Apple itself(Apple Root CA).
This certificate is to ensure that your Development and Distribution certificates are indeed issued by the CA and the owner of that certificate(ie your identity) has been verified.
wiki regarding Certificate Authority

小开

As per My Experience Apple WWDR Certificate is very important. If you Upload Application without Installing it into Key-chains than your Application will be Approved but that will not show on to the iTunes Store even if it is ready for sale.

You will get the message like this:

enter image description here

If you'll change the Store then also you'll get the same message.

Hope it will help you.

小开

I understand basic public key cryptography. You generate a key pair on your machine. Then you upload your public key to the certificate authority and they sign and return it to you. You then install the certificate on your key chain and use that to sign your apps in XCode (with the private key).

Pretty straight forward.

The WWDR Intermediate Certificate (WWDRIC) doesn’t seem to fit that model. You need to only download it once (unless it expires) and you may have multiple developer signing certificates over an extended period of time.

My hypothesis is that it allows Xcode to validate your developer certificates with a local source (the WWDRIC) and not have to go on to the network to validate your signing certificates. This avoids the latencies associated with networks (or you might not even be on the net).

小开

As per Apple :

To help protect customers and developers, we require that all third party apps, passes for Apple Wallet, Safari Extensions, Safari Push Notifications, and App Store purchase receipts are signed by a trusted certificate authority. The Apple Worldwide Developer Relations Certificate Authority issues the certificates you use to sign your software for Apple devices, allowing our systems to confirm that your software is delivered to users as intended and has not been modified.

Source : https://developer.apple.com/support/certificates/expiration/


提交答案