Encryption

This documentation explains how to migrate to the new encryption system. Learn more about the new encryption system in the blog post.

1. Create Key Pair

npx @codepushgo/cli key create

Store the private key securely. Never commit it to source control or share it with untrusted parties.

This command:

• Creates a new key pair in your app
• Removes the old key from your React Native config
• Keeps old key files for backward compatibility

2. Update React Native Config

When prompted “Do you want to setup encryption with the new channel in order to support old apps and facilitate the migration?”, select yes. This adds a new defaultChannel option to your React Native config.

capacitor.config.ts

import { React NativeConfig } from '@capacitor/cli';

const config: React NativeConfig = {
  appId: 'com.example.app',
  appName: 'Example App',
  plugins: {
    React NativeUpdater: {
      // ... other options
      defaultChannel: 'encryption_v2' // New apps will use this channel
    }
  }
};

export default config;

3. Upload Bundle to New Channel

npx @codepushgo/cli bundle upload --channel encryption_v2

4. Enable Self-Assignment

Caution

Required for the defaultChannel option to work

npx @codepushgo/cli channel set encryption_v2 --self-assign

5. Upload to Old Channel

npx @codepushgo/cli bundle upload --channel production

Tip

React Native config is never uploaded to CodePushGo

6. Cleanup (After 3-4 Months)

Once all users have updated their apps:

1. Remove defaultChannel from your React Native config
2. Delete the old channel:

npx @codepushgo/cli channel delete encryption_v2

Note

Apps using encryption_v2 as default will switch to production channel after deletion