FairPlay: SDK4 vs SDK26 credentials/certificate for iOS/tvOS client apps

Media Technologies Streaming
domdee OP
Created 16h
Replies 1
Boosts 0
Views 115
Participants 2

Hi

We’re updating our KSM to support SPC v2/v3 and currently operate with both legacy SDK4 credentials (ASK + 1024 cert) and SDK26 credentials (certificate bundle + provisioning data + 1024/2048 keys). Our client apps run across a wide range of iOS/tvOS versions, so we want to follow Apple’s recommended client strategy for certificate selection. The docs describe SHA‑1 vs SHA‑256 in the SPC header, but do not specify which OS versions should use SDK4 vs SDK26 credentials. Could you clarify:

  1. Is there an official minimum iOS/tvOS version where you recommend SDK26 credentials for client apps?
  2. For older OS versions (e.g. iOS 15), is SDK4 still the recommended choice for client apps?
  3. Are there any official migration guidelines for client apps moving from SDK4 to SDK26 credentials?

Thanks in advance.

Replies  1
Boosts  0
Views  115
Participants  2
Security Engineer OP
Apple
10h
  1. SDK 26 certificate (aka certificate bundle) is backward compatible with all client devices regardless of their version.
  2. If you update your KSM to SDK 26, it will support all legacy clients and there is no need to maintain SDK 4.
  3. There are no changes required on the client side when you update your server SDK from version 4 to version 26.
1
FairPlay: SDK4 vs SDK26 credentials/certificate for iOS/tvOS client apps
First post date Last post date
 
 
Q