App signing
App signing, or signing, is the process of digitally certifying mobile app executables. Signing confirms the app author’s identity and guarantees that the code has not been modified since it was signed. App stores and mobile devices are designed to reject any attempt to load an unsigned app. Apps that are modified as part of a Blue Cedar Platform workflow, for example during a no-code integration step, must be re-signed prior to deployment.
Mobile app developers sign their apps as part of the app release process. DevOps and IT groups may have to sign apps as well if they modify them in any way while deploying them within enterprise environments. Signing certifies that such modifications were deliberate and are legitimate. For example, enabling app-level security controls, a common requirement for apps deployed by organizations in regulated industries, modifies the app, so the app must be signed again afterward.
Blue Cedar app signing process
The Blue Cedar Platform does not actually sign apps. Rather, it bundles the app with signing credentials you provide and a signing script so that you can sign the app externally. External signing means downloading the app from the Blue Cedar Platform, signing it on a local signing server, and uploading the signed app to the Blue Cedar Platform for the next step in the workflow.
Adding signing to a workflow
To use app signing in a workflow, do the following:
- Configure Blue Cedar's Signing extension as described in Extension - Signing.
- Add a Signing step to your workflow as described in Signing - External Signing by Blue Cedar.
- For external signing, ensure that the person responsible for completing this step has a Blue Cedar user account, so that they can download the package from the Blue Cedar Platform and upload the signed package to it.