Demystifying iOS code signing and provisioning profile
Every iOS apps available in the app store must be certified. Let’s walk through the things to get in hand before we publish any app to the app store or to beta testers. This blog will be talking about the creating the certificates and profiles needed for the apps to be published.
Let’s get started… 🤓
Why Code Signing ?
An app must be signed with a certificate provided by the Apple before it is integrated with app services, or installed in devices or even published to app store.
Code signing ensures which app, developed by which developer, can run on which device. To verify the app hasn’t modified since you signed it.
What is required to code sign an app ?
→ Certificate Signing Request (CSR)
→ Certificates
→ App ID
→ Provisioning Profiles
Certificate Signing Request (CSR)
Apple must identify the developer and then issues a certificate for the developer.
For this the developer needs to create a CSR from their local machine on the Keychain Access application.
Fill the apple id and the common name to save it on the disk.
On continue, the CSR will be downloaded at the specified location. Which later can be uploaded in the apple developer portal.
Certificates
You will be needing a Apple Membership Portal to generate a certificate. (The Apple Developer Program annual fee is 99 USD and the Apple Developer Enterprise Program annual fee is 299 USD).
Visit Apple Developer Portal to create certificate for development or distribution.
Select Certificates, IDs and profiles section in the dashboard → Certificates tab → Add a new development/distribution certificate → Upload the CSR you have it in the local → Download the certificate issued by Apple.
Double click the downloaded certificate, which will be added to the keychain access application.
Register your App ID
App id consists of two parts Team ID (Apple generate for your development team) and Bundle ID (Uniquely identifies your app in Apple’s ecosystem).
Visit the Apple Developer Portal to register the app id,
Select Identifiers → App IDs → Explicit / Wildcard Bundle id → Register
Devices
In order to use the development or Ad hoc distribution, the developer must provide the list of devices in which the app can run and tested.
Vist the Apple Developer Portal under device tab.
To register your device, provide the UDID and the common name of the device to identify amongst your development team.
Provisioning Profiles
In order to run your app in device provisioning profile is needed, which requires three things
- Certificates (Development or Distribution)
- App Id
- Device (Name and Unique Device Identifiers)
Provisioning profiles can be created for both development and distribution. Use development certificate for creating a development profile (likewise for distribution).
Checkout the previous steps for creating the certificates, registering device and App ids.
Profiles can again be created in the Apple Developer Portal under the tab profiles.
Add new profile → Choose respective type of profile (dev or dist) → Provide the apple id → Choose the generated certificate → Choose the devices (if any) → Download the profile
Development provisioning profile
To run an app on the simulator we don’t need any code signing. It right away runs the app on the simulator.
But to make the app run on the real device,
- Certificate: Development certificate
- Profile: Development provisioning profile
provided that the device is connected to the mac over cable or over the network.
Distribution provisioning profile
- Certificate: Distribution certificate
- Profile: Ad Hoc / Enterprise / App store distribution provisioning profile
Provisioning profile doesn’t require the list of devices except Ad Hoc distribution.
Sources : Internet and many related blogs.
Stay tuned for upcoming post on how to publish apps in appstore. ✌️:)
Please leave your thoughts and comments in the comment section :) Happy coding. 👩💻
