Web Signing Certificates¶
To sign Live Update bundles in Capawesome Cloud, you need to configure a signing certificate. Web apps use a PEM certificate file containing a private key to sign bundles, ensuring the authenticity and integrity of your Live Updates.
Configuration¶
To create a web signing certificate, navigate to the Signing Certificates page in the Capawesome Cloud Console and provide the following information:
- Name: A descriptive name for the certificate (e.g., "Production Web Certificate").
- Platform: Must be set to
Web. - Type: The certificate type (
DevelopmentorProduction). - Certificate File: The PEM file containing the private key. Must have a
.pemextension.
Read on for detailed instructions on creating and obtaining these credentials.
Obtaining Credentials¶
Name¶
Choose a descriptive name that helps you identify the certificate's purpose (e.g., "Production Web Certificate", "Development Certificate"). This name is only used within Capawesome Cloud for organization purposes.
Type¶
Select the appropriate certificate type:
- Development: For development and testing builds that are not distributed publicly.
- Production: For release builds that will be distributed to end users.
Certificate File¶
A PEM file containing your private key is required to sign Live Update bundles. You can generate a key pair using the Capawesome CLI:
This creates a private.pem and public.pem file in the current directory. Upload the private.pem file as the certificate file in the Capawesome Cloud Console.
You can also customize the output paths and key size:
npx @capawesome/cli apps:liveupdates:generatesigningkey --private-key /path/to/private.pem --public-key /path/to/public.pem --key-size 4096
Keep your private key secure
Store your private key in a secure location, add it to your .gitignore, and never commit it to version control. If you lose your private key, you will need to generate a new key pair and reconfigure your app.
For more information on code signing, see the Code Signing guide.