Android Documents说用调试证书发布应用不安全,但我不知道为什么。 “设计不安全”是什么意思,调试证书是如何设计的?
Because the debug certificate is created by the build tools and is insecure by design, most app stores (including the Google Play Store) do not accept apps signed with a debug certificate for publishing.
最佳答案
This page indicates问题是调试证书没有信任 anchor ,因此可以轻松更换证书。这是他们提供的示例:
$ jarsigner -verify -verbose -certs example.apk
sm 11116 Fri Nov 11 12:07:48 ICT 2016 AndroidManifest.xml
X.509, CN=Android Debug, O=Android, C=US
[certificate is valid from 3/24/16 9:18 AM to 8/10/43 9:18 AM]
[CertPath not validated: Path doesn\'t chain with any of the trust anchors]
(...)
关于android - 为什么调试证书不能安全地签署 Android APK?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/63497331/