If you’ve been following our blog, you know that our focus for the last several weeks has been on mobile app security. As a mobile app management vendor, we’re always focused on security. But, in talking with a recent customer, we discussed a different process: the DevOps build pipeline.
When we’re working with customers, they often have to go back to the developer so the developer can re-sign the mobile app with the production profile or key file. This means, of course, that the keys and credentials need to be shared with your development team. Alternatively, you can put that on your continuous integration (CI) server–again, that information would be stored and shared with the CI service.
With our new cloud app wrapping feature, however, you can place those credentials securely with App47, all in one place. We use government-grade encryption to ensure your credentials remain secure and are never written to any disk, log file, or otherwise exposed in a non-encrypted form.
What this means for you is that you can securely automate the signing of your apps with your production certificate at the end of your CI pipeline.
Using our Build API V2, you can upload your build at the end of any CI service you use (CircleCi, Jenkins, and others), then configure your credentials to always sign the build when received. It’s that easy: your app is signed with your production certificate/key file, and the number of places you now need to keep that information is down to one, App47. (Okay, you might want to make a backup locally for your own sanity. But you get the point.)
With this functionality in our new cloud app wrapping feature, you can secure your app signing process, and streamline it, too. For more on how App47 can help you, request a demo today.