# generate iOS Certificates and Provisioning Profile

# I. Overview

# 1. Apple Developer Account

create iOS Certificates and Profile There are three types of Apple developer accounts, individual developers, corporate developers, and enterprise developers, with different uses.

  • Individual developers and corporate developers are 99 US dollar/Year, the enterprise developer is 299 US dollar/Years.
  • Enterprise developers are generally used by large enterprises to develop internal applications and cannot be listed App Store Of.

Make sure you already have a personal developer or corporate developer account

# 2. Introduction to Certificates

There are many types of certificates and they are used for different purposes. The following are iOS Classification of certificates:

  • Developer Certificate (Developer Certificate: Used to sign and debug applications during development. Developer certificates are issued by the Apple Developer Center and require the use of Xcode Or other development tools for application and management.
  • Distribution certificate (Distribution Certificate: Used to distribute the application to other users or upload it to App Store For an audit. Distribution certificates are issued by the Apple Developer Center and require the use of Xcode Or other development tools for application and management.
  • Push certificate (Push Certificate): Used to implement the remote push function, which allows the application to receive push notifications from the server. Push certificates are issued by the Apple Developer Center and require the use of Xcode Or other development tools for application and management.
  • Enterprise Certificate (Enterprise Certificate: Used to distribute the application to employees or customers within the enterprise. Enterprise certificates are issued by the Apple Developer Center and require the use of Xcode Or other development tools for application and management.

# 3. Provisioning Profile introduce

Configuration Files (Provisioning Profiles) also divided into two kinds, divided into development (Development) and release (Distribution), the profile contains the certificate, App ID, Devices, with the suffix . mobileprovision。 It plays the role of configuration and verification in the developer account system, and is a necessary file for debugging and packaging.

  • One Provisioning Profile Corresponds to a App ID(bundleId)
  • Provisioning Profile Decision Xcode Which certificate (public key)/Private key combination (Key Pair/Signing Identity) to sign the application (Signing Product), which will be embedded when the application is packaged into the .ipa In the bag.
  • Provisioning Profile All this information is packaged together so that we can use it when debugging and distributing packages. This way, as long as you choose different in different situations Provisioning Profile Documents on it.
  • Provisioning Profile Also divided Development and Distribution Two categories, valid for the same Certificate Same. Development Version of the ProvisioningProfile For development and debugging, Distribution Version of the ProvisioningProfile Mainly used for submission App Store Audit, which does not specify the development test's Devices。

# II. Operational Guidelines

  • This section focuses on the creation of certificates and the corresponding Profile Generation of
  • Windows Not supported by the system. Creating a certificate can only be done in macOS Done, so this chapter tutorial is only available for Mac system

# 1. Create a CSR file (certificate request file)

  • Get into MacOS, click Keychain Access -> Certificate Assistant -> Request a certificate from a certificate authority,
  • Fill in the corresponding information, Keychain That contains the developer's identity information will be generated CSR(Certificate Signing Request) file, Keychain Access->A pair of keys will be added to the Public/Private Key Pair。

image

image

# 2. create appID

log inApple Backstage, create appID(bundleID), Filled In bundleID Required and filled out when applying for a mobile application account bundleID Consistent.

image

image

In addition, the following permissions must be enabled:

  • Access WiFi Information
  • Associated Domains
  • Hotspot
  • Wireless Accessory Configuration

If you are using the Multiterminal Identity Management module, open Apple Login again:

  • Sign In with Apple

If you use other native plug-ins that require the corresponding permission to be turned on, such as Apple Pay, configure the corresponding permission to be turned on.

image

# 3. Creating a Developer Certificate

Select Certificates, Click Create Certificate and select the appropriate certificate.

image

image

image

  • After generating the certificate, you can do so in Certificates -> All View the certificate and download or delete it.
  • The generated certificate (CER file) contains only the public key, and the private key is local to your computer. Download the certificate locally and double-click to open it to install it into the keychain. You can select the corresponding certificate, right-click export p12 File (containing the private key), this is used to pair the iOS App For a signature.

image

  • It is important to note that the status of the certificate must show theThis certificate is valid, certificates in other states will cause signature failures or exported IPA Not available. image

  • Certificate status displaytrustInstead ofThis certificate is validPerhaps because the certificate trust chain is incomplete, the developer can tryRight Click Certificate-> Show ProfileView the certificate trust chain. find CA Issuer, double click after downloading the certificate. image

# 4. Create a configuration file (Provisioning Profiles)

  • Click to create Profiles, select the type, and then select the previously created AppID And the corresponding type of certificate, fill in the Profile name
  • Once the configuration is complete, you can download the generated Profile File to local

image

image

image

image

image

# 5. Compile IPA

  • Generated in the above steps p12 Signature Certificates and Profile Files that can be built on the WeChat Developer Tool IPA When selecting Certificate Signing, Details Card ViewPackage generation IPA
  • Select the corresponding file can be generated IPA
  • After the type certificate is signed IPA can thenUpload to App Store Connect Arraignment

# 6. Note

  • It is important to note that the certificate and Provisioning Profiles Must be used in pairs, that is, both development types or distribution types
  • You can use developer tools and xcode. Installed to the phone running IPA Need to be generated by the Development Certificate Signature