Certificates, Identifiers, and Profiles Oh My

Apple's Code Signing

A quick and dirty guide to Apple’s code signing.

Certificates certify the authenticity of a developer’s device to build apps. This is done in the Apple developer portal. Creating a new certificate involves creating a Certificate Signing Request (CSR) file from your Mac. Once the CSR is created, the certificate can be generated.

Identifiers are unique identifiers for your app. They are unique and tied to the App Store ID. The typical format follows com..

Devices are just a list of Apple devices that can be deployed to for testing. When creating a test build locally, the devices will need to be added here and to the provisioning profile in which they will be tested.

Provisioning Profiles are where the certificates (what we can build), identifiers (what app we are building) and devices (what we can deploy to) are matched up to each other. This along with the certificate installed on the developer’s Mac is what allows us to export a P12 file.

Creating an Identifier

  1. Go to the Identifiers and select the plus icon
  2. Select App IDs and click continue
  3. Select App and click continue
  4. Enter a short description and bundle ID (com..
  5. Select the appropriate capabilities and services the app will provide and click continue
  6. Verify everything entered and click register

Creating a Provisioning Profile

  1. Go to the Profiles and select the plus icon

  2. Select iOS App Development for development or App Store for distribution to the App Store

  3. For distribution, just click continue and select the certificate. For development continue.

  4. Click continue and select the appropriate App ID that was created in Identifiers

  5. Click continue and select the certificates that are going to use this provisioning profile

  6. Click continue and select the devices to include in the provisioning profile to deploy the app to

  7. Click continue and name the provisioning profile

  8. Click generate, then download the provisioning profile and install it locally via Xcode

Creating a Certificate

  1. Go to certificates and select the plus icon

  2. Select iOS App Development for iOS development or iOS Distribution for distributing iOS applications to the App Store

  3. Create a CSR as instructed below, then upload it as instructed on the next screen

  4. Continue and the certificate has been generated. Once generated, download and install on your Mac.

Creating a CSR file

  1. Opening Keychain Access on the Mac

  2. Requesting a CSR from a certificate authority

  3. Fill in the details on the next screen

  4. Click continue and save the CSR where it is easily accessible

How to export P12

Exporting a P12 file can be necessary for automated builds or for sharing certificates to other developers

Once a certificate has been created with the CSR from your device and the provisioning profile, which has your certificate selected, has been downloaded and installed on the device you should see an arrow next to the certificate. Once you click the arrow you’ll see the private key that was generated from your device. Select both the private key and the certificate and two-finger click export to export as a P12 file.