Is it safe to share the iOS Enterprise Distribution Certificate with external developers?

Question

I am in the following situation: We have an enterprise developer account and for an app we are working with an external developer.

At the moment we do not have access to

Answer 1

You can have your external developer to sign with whatever he wants and then you can re-sign the IPA and use it. This way the source code is "safe" in the developer's perspective and you can use your IPA signed with your certificate. I normally use this, but you can do it in the command line too...

As for your Post Scriptum part, that's not true... I have the experience of working with external agencies where they use their own certificate and provisioning and when I receive their IPA I only need to re-signed it.