Understand certificate, App Id, Identifiers, and Provisioning profile

Source: Internet
Author: User

Do the real-time test, according to the online process, walked through, at that time did not pay attention to the meaning of various certificates. Now do message push, need a variety of certificates, APP ID information, in order to better understand the process, so collated the online certificate and other relevant information. Convenient for yourself and a friend in need.

Content reference from: http://blog.csdn.net/hitwhylz/article/details/22989507

http://my.oschina.net/u/1245365/blog/196263

When you're ready for a real-time test or a release to the App Store, you'll have to apply for a certificate. (development--test Certificate.) distribution--Publishing Certificate)

Go to the certificate management site Https://developer.apple.com/account/ios/profile/profileList.action.

It is easy to find such a few things.

Among them, devices refers to the equipment of course. No introduction is made here. Each developer account can be associated with 100 devices. You can add your device directly from Xcode.

Now, focus on the certificate, AppID and provisioning profiles.

Certificate (certificate)

A certificate is a credential that you have the right to develop, a developer's identity, equivalent to an ID card, and a developer account with only one set. A set of two, development and distribution (i.e. production).

Where the development certificate provides developers with the ability to debug on a computer, multiple copies can be made for distribution to multiple computers.

The distribution certificate gives developers the ability to publish iOS programs, which means you have the power to publish programs to the App Store. Only one, cannot make copies distributed to multiple computers.

The following is the classification information for the certificate: (the certificate validity period is in parentheses)

    • Development
      • App development (1 years): Used to develop and debug applications on the real machine.
      • Push Development (1 years): Used to debug Apple Push Notification
    • Production
      • In-house and Ad Hoc (3 years): Applications that are used to publish in-house and adhoc.

      • App Store: Used to publish apps that submit the App Store.

      • MDM CSR
      • Push Production (1): Used to use Apple Push Notification in release builds.
      • Pass Type ID Certificate
      • Website Push ID Certificate

Note:

Before we apply for a certificate, we need to apply for a certificate Signing request (CSR) file, and this process actually generates a pair of public and private keys that are stored in the keychain of your Mac. Code signing is using this encryption method based on asymmetric secret key, signing with the private key, validating with public key. As shown, the associated public key and private key are stored in the login of your Mac's keychain, and the certificate contains the public key. You can only use the private key to sign, so if you do not have a private key, it means that you can not be signed, so you can not use the certificate, at this time you only revoke the previous certificate to apply for one. Therefore, it is a good idea to export and save your private key when you are finished applying for the certificate. When you want to share a certificate with other people or other devices, pass the private key to it. The private key is saved in your Mac, and the Apple-generated certificate contains the public key. When you sign your code with your private key, Apple can use the public key in the certificate to verify that you signed the code, not someone impersonating you, but also ensuring the integrity of the code.

APP ID

The APP ID is used to identify one or a set of App,app IDs that should be consistent or matched to the bundle IDs in Xcode. The APP ID has the following two main types:

    • Explicit App ID: A unique app ID that uniquely identifies an application, such as COM. ABC.DEMO1, identifies the program with bundle ID com.ABC.demo1.
    • Wildcard App ID: A wildcard app ID that identifies a group of applications. For example * can represent all applications, while COM. Abc.* can be expressed as COM. All applications that start with ABC.

Each time you create an app ID, we can set up the app services that the app ID uses, which is the extra service it uses. Each additional service has different requirements, for example, if you want to use Apple Push Notification Services, you must be a explicit app ID so that you can uniquely identify an application. The following are all currently optional services and the corresponding configuration requirements.

If your app uses any of the above-mentioned service, it needs to be configured as required.

Identifiers
    • Identifiers is the "identifier", approximately equal to the identity card, used to create the following three:

      APP IDs

      Pass Type IDs

      Website Push IDs

Where the app ID is the unique identifier of the app, and the app ID is different for each app

Provisioning profile

A provisioning profile contains all of the above: certificates, App IDs, devices.

Imagine that if we were to pack or run an application on a real machine, we would first need a certificate to sign it to identify the application as legitimate, secure, complete, and so on, and then need to indicate its app ID and verify that the bundle ID is consistent; You need to confirm that the device can be used to run the program. and provisioning Profile packs all this information together so that we can use it when debugging and releasing the program, so we just choose different profiles for different situations. And this provisioning profile file is embedded in the. IPA package when it is packaged.

For example, as shown in, a provisioning profile for development contains the app ID for that provisioning profile, the certificates and devices that can be used. This means that using this provisioning profile wrapper must have the appropriate certificate and that the program that corresponds to the app ID be run to the device contained in devices.

As mentioned above, the process of running an application on a single device is as follows:

As with certificates, Provisioning profile is divided into development and distribution two types:

(Note: The types of certificates that can be created by different account types are different, obviously the type of profile is related to the kind of certificate you can create)

    • Development (1 years)
    • Distribution (1 years)
      • In house
      • Ad Hoc
      • APP Store

The difference between House and ad hoc is that there is no limit on the number of devices, and ad hoc is used for testing purposes, and ad hoc packages can only run on the available devices that are registered in the account, apparently with a limit of up to 100 devices. So the difference between the two provisioning profiles is that the device limitations are different, and the certificate they use is the same.

2. Development/Release Process

Understanding the above concepts, and then look at the development and release process is very simple, and I believe that you do not have to see the tutorial can be done in one step to complete all the operations.

Development/real-machine commissioning process

According to the above introduction, we can know that the following steps are mainly development:

    • Request a Certificate
    • Join the device
    • Generate Provisioning Profile
    • Set up Xcode Code sign Identifer

In fact, the third step is usually unnecessary because we are usually developing with the iOS Team Provisioning profile generated and managed by Xcode because it is very convenient, so you do not need to manually generate the Provisioning profile yourself.

IOS Team Provisioning profile is the first time you add a device using Xcode, Xcode automatically generates a wildcard App ID (*, matching all applications) generated by Xcode. The account contains all the devices and all development certificates as shown. As a result, all members of the team can use this iOS Team Provisioning profile to debug all applications on all the devices in the team. And when a new device is added, Xcode updates the file.

Release process

There are a lot of processes on the web to publish the App Store, and I won't go into it, but according to the concept above, whether it's the app store, in-house or AD-HOC, the packaging process is similar, and includes the following key steps:

    • Create a publishing certificate
    • Create App ID
    • Create a corresponding provisioning profile
    • Device bundle ID and app ID match
    • Set up Xcode Code sign identifer, select the appropriate profile and certificate for signing, packaging

The above is a certificate, Provisioning profile, App ID and so on, the next article will introduce the following in-house certificate related content.

PS below to describe how to apply for a certificate: First step: Request a local certificate

To apply for a certificate, you must first apply for a certificate on our computer to find:

Click "Other" to find "keychain":

Choose to request a certificate from the authority, note the following red box, you must select that one before you can:

Click to see:

If you choose "Save to Disk", then "user email address" Just fill in a few, click "Continue":

"Save As:" You can name the certificate, choose a location, click "Save":

This creates a certificate on the desktop.

Note This local certificate can be used to generate both a "development certificate" and a "Publish certificate".

The following is only the "Publish certificate" application, the application of the "Development certificate" step is the same, that is, another option

Step Two: Apply for a certificate in the developer account

We entered the $99 Development Account to see:

Click Certificates, Identifiers & Profiles, and go to the page to see:

If you want to apply for a development certificate select development, if you want to apply for publishing a certificate, select Production, the step is to select the "+" sign after adding a certificate:

Click "+" to see:

If you select "Develop Certificate", click on the first red box

If you select "Publish Certificate", click on the second red box

After selecting, click "Continue":

When clicked, it appears:

Select "Choose File" to upload the certificate that you just requested to be saved locally:

After uploading, click "Generate" to generate the certificate.

Select "Download".

At this point, our locally generated certificate is useless and can be deleted.

We return to the certificate interface to see the certificate we have requested:

A general application for a publishing certificate (iOS distribution), a development certificate (iOS development) is sufficient.

Find the downloaded file, double-click it and add it to the keychain. In this step, if the keychain refuses to be added, simply drag it into the keychain:

So the certificate has been completed, with the certificate, you can then apply for a variety of profiles for development use

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.