Anyone could sign code with the cert if they know/crack the password for the private key.
I would keep all certs out of the repo in the interest of security and keep them in a safe place and only grant access to people who create distribution packages. If you're doing dev… you can generate your own cert.

On Aug 15, 2012, at 1:05 PM, Om wrote:

>> I fixed all the issues identified by the RAT check except certificate.p12.
>> That's a binary file and I don't think it can go in the source
>> distribution.
>>
>> I'll leave that to Om and/or Erik to figure out.
>
> It makes sense for any developer who wants to work on it to create their
> own certificate. Flash Builder makes it very seamless.
>
> But, what about official releases? We need to have and maintain one
> certificate so that the app upgrades on client's machines go smoothly.
>
> .p12 files can be created, modified etc. using a variety of tools like
> Flash Builder, OpenSSL, etc. Can we make an exception for p12 files and
> keep it in the source?
>
> Thanks,
> Om