iOS Certificate description and publishing

Source: Internet
Author: User
Tags key string custom name

1. First through Keychain Access--Certificate assistant--Request certificate from Certificate Authority--Fill in Certificate information (mailbox, common name, storage to disk)-- Save As (custom name. Certsigningreuqest, referred to as the CSR file, just to be submitted to the Apple developer account and then useless) to the local

2. Create the certificate (development and production) in the Apple developer account--Upload the CSR file--Download the certificate run (xxx.cer file)

Note: Only the local generated certificate is generated on the current PC, uploaded to the Apple Development Account, and then downloaded the CER file, the certificate and the corresponding secret key are available in the keychain.

If developer B, log in to the developer account, download the certificate (CER file) to run, only the certificate does not have a secret key, is not normal use

So if a new colleague joins the development team, you should select the certificate from the local keychain and export the P12 file (containing the certificate and key) to the colleague. You can also give a colleague a copy of the provisioning profiles file (config file) for local development of identification test equipment

Export P12 File: Keychain--Select certificate-right-click Export-Save As--set P12 file password

(after sending to a colleague, double-click the P12 file, enter the password, install the certificate locally successfully)

It needs to be stressed that the certificate and project relationship is not large, the certificate is generally valid for only one year, when the certificate expires, only need to regenerate a certificate, upload to the developer account, and because the original certificate expires, you need to regenerate the provisioning profiles file. And then give them the latest P12 files and provisioning profiles files.

So the certificate in the developer account, configuration files can be assured operation (such as mistakenly deleted, or can't find the certificate key)

Add the Apple developer account to Xcode

Xcode Toolbar--xcode--preferences--accounts--left corner Add Apple id--enter Apple account, password

In the project Target--general--team, you can select the project corresponding developer account

(When Bulid's new device does not add Devicetoken to the developer account devices, Xcode will prompt you to not recognize the device, and the fix Issue,xcode in Xcode will automatically be in the developer account, Create a new provisioning profiles profile for this device and install it locally, the only bad thing is that there will be a lot of fragmented configuration files under the developer account profile)

About the app release

Modify the version of the project, as well as the versions of the project debug for release

(debug to release requires testing, some third-party libraries may have some incompatible release version )

Product--scheme--edit Scheme modifies the build configuration of Run/test/analyze/archive (when released, only Archive is required)

Apple Developer Center--itunes connect--My app--Create/Select App-fill in basic changes/Add new version (build)

Release validation

product--desination--selecting iOS Device

product--archive--Right click validate--Select certificate--validate--wait--validate successful--right click Submit to APP Store (submit build)-- Submission Successful

Apple Developer Center--itunes connect--My app--Select App-Submit build Success-Choose Auto Release/Manual Release-Submit audit

Awaiting approval

Permanent address of this article: http://blog.it985.com/11387.html

First of all, to describe the location of the certificate, the role, so that in the production of the mind has a spectrum, the whole process of grasping will be accurate;

1, developer certificate (divided into the development and release of two, the type of iOS Development,ios distribution), this is the most basic, whether it is the real machine debugging, or upload to AppStore are required, is a base certificate, used to prove their developer identity;

2, AppID, this is the independent identity of each application, in the settings can be configured to configure the app's permissions, such as whether to use the Passbook,gamecenter, and the more common push service, if the push service is selected, Then you can create a push certificate mentioned in 3rd below, so, in all and push related configuration, the first thing to do is to first open the support push service AppID;

3, push the certificate (divided into two types of development and release, the type is APNs development Ios,apns distribution iOS), the certificate in the AppID configuration to create a build, and the developer certificate, installed on the development computer;

4, Provisioning Profiles, this thing is very apple features a thing, I generally called the PP file, the file will be AppID, developer certificate, hardware device binding to one, in the developer Center is configured to add to Xcode, can also directly on the Xcode to connect the developer center generation, the real machine debugging needs to add the real machine in the PP file Udid, is the real machine debugging and shelves necessary treasures;

Usually our production process is generally based on the above sequence, first use the developer account to login to the developer Center, create a developer certificate, AppID, in the AppID to open the push service, in the Open Push service option below to create a push certificate (server-side push certificate see below), Then in the PP file to bind all the certificate ID, add debugging real machine, etc.;

The following procedures are described:

1, the developer certificate production, first login to the developer center, find the Certificate configuration section, poke into the certificate, will show the following interface, click on the upper right corner of the plus

The following interface appears, the operation is repeated two times, respectively, the development of test certificates and publish certificates, the development of test certificates for real-machine debugging, publishing certificates for submission to AppStore, we take the development of test certificates, for example, the first red box to select the content;
Then next, you will be prompted to create a CSR file, which is the certificate signing request file, there will be very detailed instructions, if the English is not very good, you can refer to;

Then save the CSR file to a place;

Note: The CSR file is made as often as possible for each certificate, separating common names, because the common name is the name of the key in the certificate;

Then submit the CSR file in the developer center;

Upon submission, a CER certificate is generated, valid for one year;

Use the same method to configure the distribution publishing certificate, download save, double-click Install, in the key string login certificate can be viewed, where the name of the private key is the CSR request file in the common name;

2, the above developer certificate configuration is complete, the following we configure AppID and push certificate, select AppID in the left column, tick the push option on the right, add push function for the corresponding app for the AppID, see the button to create the certificate, respectively, to develop the certificate and publish the certificate. The following process is the same as the above 1 to create a certificate, is to establish a certificate request file, and then submit the build on the line, it should be noted that although the left column in the certificate bar can also be directly created a push certificate, but it is recommended in AppID, check the push service is created here, This avoids the fact that push is not available due to forgetting to open the push service;

After the certificate is created, download and save, double click to install;

3. Finally, we will make the PP file

This process is done two times, respectively, to create a development test with the PP file and publish the PP file, the former for the real machine test, the latter for the submission of the release; Ad hoc format is generally used for enterprise accounts, where we ignore;

Submit after selection

will automatically detect the matching AppID, in addition to the drop-down item can also choose the wildcard format, the format is automatically generated, using the * wildcard, for batch, no push, passcard and other services applications; We select the AppID we just created, and then select the certificate;

Continue, here is a difference, because the development of PP file test version needs to debug the real machine, so we need to bind the real machine, here because I added some devices, so here can be directly selected to add, if not, you need to copy the Udid of the real machine here to add, in the release of the PP file, There is no such a step;

After the input of a PP file name, and then generate, download and save, double-click to add to the Xcode library, so in the real-time debugging or publishing, you can have a different PP file and its corresponding;

The effects added to Xcode are as follows:

So far, client development and shelves required certificate file configuration has been equipped, the sky is late, tomorrow to configure the service side of the push certificate used, then another chapter, the iOS bizarre push process also smoothed a smooth, originally wanted to write a piece of, did not expect the whole so long, work home black go!

Permanent address of this article: http://blog.it985.com/11383.html

1. Concept Introduction

If you have a developer account, open certificates, Indentifiers & Profiles in iOS Dev center and you'll see the following list:

Profile portal has been revised for some time, the structure of the revision is clearer and easier to understand and manage than before.

The list above contains everything you need to develop, debug, and publish iOS apps: Certificates, Identifiers, Devices, Provisioning Profiles. Here are a few things to explain.

Certificate

A certificate is used to sign an application, and only a signed application can guarantee that his source is trustworthy, and that the code is complete and unmodified. In the code Signing identity of Xcode Build setting, you can set up a certificate for signing code.

As we all know, before we apply for a certificate, we need to apply for a certificate Signing request (CSR) file, and this process actually generates a pair of public and private keys, saved in the keychain of your Mac. Code signing is using this encryption method based on asymmetric secret key, signing with the private key, validating with public key. As shown, the associated public key and private key are stored in the login of your Mac's keychain, and the certificate contains the public key. You can only use the private key to sign, so if you do not have a private key, it means that you can not be signed, so you can not use the certificate, at this time you only revoke the previous certificate to apply for one. Therefore, it is a good idea to export and save your private key when you are finished applying for the certificate. When you want to share a certificate with other people or other devices, pass the private key to it. The private key is saved in your Mac, and the Apple-generated certificate contains the public key. When you sign your code with your private key, Apple can use the public key in the certificate to verify that you signed the code, not someone impersonating you, but also ensuring the integrity of the code.

Certificates are divided into two main categories: development and Production,development certificates for developing and debugging applications, production primarily for distributing applications (depending on the type of certificate), The following is the classification information for the certificate: (the certificate validity period is in parentheses)

(Note: Different types of certificates can be created for various developer accounts, please see my other article for a comparison of the developer account and Inhouse certificate related content)

    • Development
      • App development (1 years): Used to develop and debug applications on the real machine.
      • Push Development (1 years): Used to debug Apple Push Notification
    • Production
      • In-house and Ad Hoc (3 years): Applications that are used to publish in-house and adhoc.
      • App Store: Used to publish apps that submit the App Store.

      • MDM CSR
      • Push Production (1): Used to use Apple Push Notification in release builds.
      • Pass Type ID Certificate
      • Website Push ID Certificate

There are some types of certificates I have not used, so I do not understand the specific role.

APP ID

The APP ID is used to identify one or a set of App,app IDs that should be consistent or matched to the bundle IDs in Xcode. The APP ID has the following two main types:

    • Explicit App ID: A unique app ID that uniquely identifies an application, such as COM. ABC.DEMO1, identifies the program with bundle ID com.ABC.demo1.
    • Wildcard App ID: A wildcard app ID that identifies a group of applications. For example * can represent all applications, while COM. Abc.* can be expressed as COM. All applications that start with ABC.

Each time you create an app ID, we can set up the app services that the app ID uses, which is the extra service it uses. Each additional service has different requirements, for example, if you want to use Apple Push Notification Services, you must be a explicit app ID so that you can uniquely identify an application. The following are all currently optional services and the corresponding configuration requirements.

If your app uses any of the above-mentioned service, it needs to be configured as required.

Device

Device is the simplest, the iOS device. The devices contains all the devices available for development and testing in this account. Each device uses UDID to uniquely identify it.

The number of devices in each account is limited to 100. Disable a device will not increase the number of places, only the beginning of membership year to remove the equipment to increase the quota.

For a question about the number of devices, see this article.

Provisioning profile

A provisioning profile contains all of the above: certificates, App IDs, devices.

Imagine that if we were to pack or run an application on a real machine, we would first need a certificate to sign it to identify the application as legitimate, secure, complete, and so on, and then need to indicate its app ID and verify that the bundle ID is consistent; You need to confirm that the device can be used to run the program. and provisioning Profile packs all this information together so that we can use it when debugging and releasing the program, so we just choose different profiles for different situations. And this provisioning profile file is embedded in the. IPA package when it is packaged.

For example, as shown in, a provisioning profile for development contains the app ID for that provisioning profile, the certificates and devices that can be used. This means that using this provisioning profile wrapper must have the appropriate certificate and that the program that corresponds to the app ID be run to the device contained in devices.

As mentioned above, the process of running an application on a single device is as follows:

As with certificates, Provisioning profile is divided into development and distribution two types:

(Note: The types of certificates that can be created by different account types are different, obviously the type of profile is related to the kind of certificate you can create)

    • Development (1 years)
    • Distribution (1 years)
      • In house
      • Ad Hoc
      • APP Store

The difference between House and ad hoc is that there is no limit on the number of devices, and ad hoc is used for testing purposes, and ad hoc packages can only run on the available devices that are registered in the account, apparently with a limit of up to 100 devices. So the difference between the two provisioning profiles is that the device limitations are different, and the certificate they use is the same.

2. Development/Release Process

Understanding the above concepts, and then look at the development and release process is very simple, and I believe that you do not have to see the tutorial can be done in one step to complete all the operations.

Development/real-machine commissioning process

According to the above introduction, we can know that the following steps are mainly development:

    • Request a Certificate
    • Join the device
    • Generate Provisioning Profile
    • Set up Xcode Code sign Identifer

In fact, the third step is usually unnecessary because we are usually developing with the iOS Team Provisioning profile generated and managed by Xcode because it is very convenient, so you do not need to manually generate the Provisioning profile yourself.

IOS Team Provisioning profile is the first time you add a device using Xcode, Xcode automatically generates a wildcard App ID (*, matching all applications) generated by Xcode. The account contains all the devices and all development certificates as shown. As a result, all members of the team can use this iOS Team Provisioning profile to debug all applications on all the devices in the team. And when a new device is added, Xcode updates the file.

Release process

There are a lot of processes on the web to publish the App Store, and I won't go into it, but according to the concept above, whether it's the app store, in-house or AD-HOC, the packaging process is similar, and includes the following key steps:

    • Create a publishing certificate
    • Create App ID
    • Create a corresponding provisioning profile
    • Device bundle ID and app ID match
    • Set up Xcode Code sign identifer, select the appropriate profile and certificate for signing, packaging

The above is a certificate, Provisioning profile, App ID and so on.

Permanent address of this article: http://blog.it985.com/11375.html

iOS certificate description and publishing

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.