Contents x
      Generating App Store Certificate
      • 29 Sep 2022
      • 5 Minutes to read
      • Contributors
      • Print
      • Dark
        Light
      • PDF
      Contents

      Generating App Store Certificate

      • Updated on 29 Sep 2022
      • 5 Minutes to read
      • Contributors
      • Print
      • Dark
        Light
      • PDF
      Article summary

      In the developer site developer.apple.com, the user is registered as a particular organization under an Enterprise program or a Developer program

      The Developer Program enables the user to generate App Store Certificates while the Enterprise Program enables the user to generate Enterprise Certificates

      For both the certificates there are three major steps. This document holds the information on: 

      1. How to manually generate iOS certificates
      2. How to create a Provisioning Profile
      3. How to create an App Identifier (For both App Store and Enterprise Apps)

       This document aids the customer in generating App Store Certificate for their Projects.

      Generating App Store certificate: 

      Based on the role of the user, there are 3 sections available, namely:

      1. People - where the user can add people and manage other accounts
      2. Certificates, Identifiers, and Profiles - where the user can generate certificates
      3. App Store Connect - where the admin settings can be accessed

      AppstoreConnect

      In the Certificates section, users can create and generate new Certificates and view existing certificates.  

      Certificates-newpic

       The users can click the + button to generate a new certificate. 

      Adding a new certificate redirects the user to a page where they are provided with multiple options for creating certificates related to Software, Services, or Intermediate Certificates. 

      SelectiOSDistribution

       Two of the primary software certificates that Pillir focuses on are:

      1. iOS Development - For using within the organization for app creation and debugging.
      2. iOS App Distribution - For customers who wish to deploy the application in the App Store or Ad Hoc (outside the store).
        For App Store certificate, App Store or Ad Hoc (outside the store) option is selected. 

      The certificate is created in the following steps:

      1. Once the iOS App Distribution option is selected, the user clicks Continue.
      2. The user has to upload a Certificate Signing Request(CSR) to generate the new certificate. This is done using the Keychain Access.

      CSR-new

       3. On opening the Keychain access, the user has to select the Certificate Assistant from where they can request a certificate from a Certificate Authority. 

      image(41)

       4. This certificate is provided by a certificate authority to the users of a particular organization. It can be accessed by providing the name, email, and details in the Certificate Assistant popup in the Keychain Access.

      image(42)

      The certificate is saved in the local drive. image(43)

      5. Once the certificate details are saved, it is uploaded to the developer site.

      image(44)

       6. The certificate details such as Name, Type, Expiration date, and Created By are displayed and the certificate is available for Download

      image(45)7. Multiple Applications can be bound to a single certificate in the App Store. Users can locate the certificate on the System and follow a sequence of actions to Export. The steps are as follows:

       a. Locate the certificate in the system files. On double-clicking the file, it is added to Keychain Access files. 

      savecertificate

       b. Select the option “Export Pillir Appstore Distribution”.

      KeychainAccess-Export

       c. Enter the “Keychain Access Password” in the next popup.

      Keychain-password


      NOTE
      These CR Files are only accessible and available to the users who have created and downloaded them on their particular device where the CSR File has been generated. These CR files need to be exported and registered in a p12 format for making them accessible to other users on the platform. 

       How to generate App Identifiers?

      The Identifiers page can be accessed from the certificates homepage on the left. While certificates are universally accepted for the company, the App identifiers are uniquely specified for each App created in the platform.

      IdentifiersAddClicking the + button redirects users to a page with a list of identifiers. Here the users can register a new App ID and click Continue. 

      APPidFor Select a type question, choose App and click Continue.

      selectatype

      The ID registration page consists of the following details:

      1. Platform - where the App is deployed (all the iOS devices)
      2. Description - A short description of the App needs to be entered
      3. App ID Profile - Consists of the bundle ID given to a particular app. The general format is com.companyname.appname
      4. Capabilities - Multiple App capabilities are listed out. Since Pillir’s EdgeReady Apps only support push notifications, only that capability is enabled.

      registerappid From the Capabilities section, The Push Notification option is selected.  After the details are given, the user clicks Continue.

      push notificaation-new

      Finally, the user can verify all the entries made and click Register.

      ClickRegister

      The newly created identifier is displayed on the Identifiers list.

      Registeredidentifierspage

      NOTE

      The bundle ID has to be unique. If a bundle ID with the same name exists already, it throws an error and the identifier cannot be created. 

      Steps to create a Production SSL certificate:

      To configure a push notification for an App ID, a client SSL certificate that allows your notification server to connect to the Apple Push Notification Service is required. The SSL certificate can be generated by the following steps: 

      1. The push notification can be configured by clicking the Identifier

      SSLcerti-clickidentifier-step1

      2. The user clicks the Configure button in the push notification option under the Capabilities section. (The identifier has to be edited and then configured.)

      SSLcerti-configure-step23. A popup opens requesting the Push notification service SSL Certificate for both Development and Production environments. 

      SSLcerti-popup-step3

      Note
      Development SSL certificate is meant for developers and works only with Xcode.

       4. For deploying the application, we select the Production environment certificate. The Create a New Certificate page opens. Select the Platform as iOS and upload a Certificate Signing Request(CSR) file.

      SSLcerti-newcertif-step4

       A certificate is generated using the certificate assistant by entering the respective credentials. 

      SSLCertif-certassistant-step5 The certificate is exported and stored in the local file. 

      SSLCert-savetodisk-step6

      SSLCert-savetodisk-step6b(1)

      6. Production environment certificate requests the users to select the Platform and provides a link to upload the certificate. 

      SSLcert-uploadcert-step7

      7. After uploading the certificate, the user clicks Continue. Once the certificate is uploaded, it is available for Download. The certificate can be Revoked if not required. 

      SSLCert-download-step8 

      NOTE

      Similar to the Apple ID certificate, for the production certificate with the App identifier and Push notifications, a CSR certificate needs to be generated. 

      In the Keychain access, using the certificate assistant, a new CSR production certificate is generated. The generated certificate is exported in p12 for multiple user access.



      How to create Provisioning Profiles?

      In the same section below the certificate and identifiers, there is an option called Profiles where the provisioning profiles are created. 

      ProvProfile(1)

      Similar to App identifiers, every Mobile App will require its own provisioning profile. These profiles are created for development and distribution purposes.  

      NOTE

      Multiple profiles can be created for a single App identifier, but there cannot be multiple identifiers for a single profile. 


      Steps to create a Provisioning Profile:


      1. The user has to create a Profile for the App store under the Distribution section. Once selected, the user clicks Continue. 


       2. On clicking the Continue button, the screen is redirected to the Profiles page where the appropriate Identifier (created in the previous step) is selected from a dropdown list. Then the user clicks Continue to proceed with the next step.

      Provcert-selectappid3. The user has to select the latest certificate generated from a list of recent certificates.

      4. The provisioning profile is given a Profile Name.

      Provcert-profilename

      5. After all the details are furnished, click Generate to go to the next page.

      6. Click Download to get the Provisioning Profile.

      Provcert-download

       6. A newly created profile is displayed in the Profiles section.


      NOTE
      1. Multiple profiles can be created for a single App identifier, but there cannot be multiple identifiers for a single profile. 
      2.  Since the creation of the profile does not involve any CSR certification, it can be easily downloaded, installed, and accessed on any device.
      Was this article helpful?
      What's Next
      ESC

      Eddy AI, facilitating knowledge discovery through conversational intelligence