Some of the details of iOS app release

Bundle identifier

Xcode in Target -> General the bundle identifier ;

info.plistIn the Bundle identifier ;

Identifiers App IDs When you create a new app in the certificate center Explicit App ID ;

and iTunes Connect in-app information 套装ID must be consistent!!

There are a lot of things like scripting in Info.plist or Xcode, $(XXX) so add a little bit of environment variables in Xcode

Certificates Certificate

Apple's certificate system has always been an endless nightmare for iOS beginners, what development certificate, release certificate, push certificate, what ad hoc, beta distribution, real machine debugging ... I think every iOS beginner is just beginning to touch Apple's certificate system when the inside of the cliff collapsed and was trampled by the heart of the grass mud horse ....

In fact, Apple's certificate is not so iffy, many friends do not understand or after a period of time and do not know how to get, the essence of the reason is because of asymmetric encryption (public key encryption) do not understand ~ ~, so in order to fully control the Apple certificate, these basic knowledge is the pit of your threshold, must cross the past.

There are various explanations on the Internet Certificate Center each kind of certificate role is what, how to create, how to use, but this can only give people to fish, so Bo Master will not introduce each kind of certificate is why, because you look at the year before the Pass Type ID Certificate last one, and there was another WatchKit Services Certificate , this year, another ... Apple Pay Certificate Simply explain these certificates are not finished ~, so understand the uniform rules of these certificates is the King! Called

Original AIM

A lot of information is divided into two types of certificates, the development certificate (development), and the release certificate (distribution). But bloggers think this classification is not very unscientific, bloggers understand the classification is such

Figure 1

• • 根证书Is the developer or the enterprise corresponding, as long as the 根证书 signed app can be understood as this certificate corresponding to the developer developed. So one 根证书 can sign multiple apps.

  • 其他证书It is the same as the specific app, one app's push certificate can not be used for another app, so one 其他证书 can only be signed for one app, more specifically, the app needs to use an Apple service to produce this 其他证书 .

So the certificate that Apple adds every year is 其他证书 that these other certificates are not necessary, but rather the credentials that are required to use one of Apple's services. 根证书It is necessary that the signed app belongs to the owner of the certificate.

Figure 2

My account will have two different uses by default 根证书 , there are two apps, App1, APP2, and their respective push certificates for both purposes (belong 其他证书 ).

If I need a real machine debugging APP1 Push, then I just download 开发根证书 and App1的开发推送证书 then double-click to open the import keychain, and then create the corresponding profile can be real machine debugging;

If I want to publish APP2 now, then I just download 发布根证书 and APP2的发布推送证书 , then create the corresponding profile can be packaged to upload the app Strore. (This is because of the particularity of the release, so the computer that is published must be the computer that created it 发布根证书 .)

The profile section also covers the following pages.

I tm are around dizzy, indeed a bit of trouble a little complicated, sure enough, iOS development threshold is high ah, but brother like.

APP IDs

Multiple sets of APNs push certificates can be added to the corresponding app's edit (other certificates are similar)

Figure 3

In this statement, the 其他证书 other certificate generation, the use of the certSigningRequest file can be inconsistent with the resulting, that is, the generation of the 根证书 certSigningRequest 其他证书 computer does not necessarily need to produce 根证书 , so here also pits countless people debugging push, The details of this push are pits.

Provisioning Profiles Description File

Figure 4

I think that when the interface comes out, the eggs are sad and face to face. Then anger point Fix issue , then your team manages the certificate of the base friend suddenly found that the certificate center more than a lot of messy certificate and description file, then he burst a sentence: what the huck! Delete the Xcode * certificate and description of the file, and then the violence of their own point Fix issue , and then you suddenly can not debug, and then critical keystroke Fix issue , and finally the entire team only through Fix issue the real machine debugging ....

So be careful Fix issue , if you click on this option, smart (~ ~ ~ ~) Xcode will manage the description file, and then a variety of inexplicably with Xcode * the certificate and description file ...

In fact, as long as firmly believe that the certificate, equipment ID, AppID, description of the files are all made to be absolutely no problem!

How the description file works

Figure 5

• • In fact, the principle of document description is in the app packaging or debugging the real machine, let Xcode to check the description file inside the Bundleid and the app's Bundleid whether it corresponds.
  • The corresponding words will go to keyChain find there is no corresponding certificate (so the certificate should be downloaded well and imported keyChain )
  • If a certificate exists, the type of the certificate is checked, and if the certificate is developed, the debug device is checked for inclusion in the list of trusted device IDs in the description file and cannot be debugged if the device is not in the list of profiles, and the device ID list is not checked if the certificate type is a publishing certificate.

In addition, if the company added a test machine, and in the certificate Center to Devices add a new test machine ID, so that the description of the file should be updated accordingly, and then re-download, after downloading can delete the old description file (Bo Master direct coverage of the way the description file is not updated AH), you can do your own experiment , describing the path of the file/Users/XXX/Library/MobileDevice/Provisioning\ Profiles

XXXYour user name.

Do not overwrite! Remember to delete the first, you can exempt a lot of problems.

Those things that were pushed.

If the millions of users of the push service is not the Penguin's own custom and is pushed by the Apple APNs, then the apple push is really cool, but sometimes test push, often APNs want, pushed a half a day to, once in APNs sandbox environment rage pushed more than 1000, Then the queue lasted half a month before it was pushed out. So, Buckle is definitely a custom push, money is annoying, then wayward.

But the development of Apple push is relatively simple, if there is no high-level push demand basic no need to write code, as long as the configuration of the certificate all OK.

Now commonly used in the background server, generally push the certificate and the push certificate of the private key export P12 to the background personnel can.

PHP is a bit naughty and needs to be converted to PEM

Generate the PEM certificate required by PHP

Get ready:

1. 1. The Apple server Certificate terminal is set correctly! Packing the certificate, the description file is correct!!
   2. Download the push certificate (CER format), import keychain, guarantee the private key exists, does not exist to find the computer to create this certificate to a copy.
   3. Exported from the KeyStore ~ ~ Root Certificate ~ ~ (push certificate) private key (P12 format)

Third Step root certificate private key here is a pit! Since the creation of a push certificate for an app can be different from the one created by the root certificate, that is, the keychain is not the same, certSigningRequest so the private key is not the same, when generating PEM here, be careful to use the private key of the push certificate!

Operation Process:

1. 2. To convert a push certificate (. cer) to a. Pem file, execute the command:

      -in 推送证书.cer -inform der -out 推送证书.pem

   4. Convert the private key (. p12) file exported by the push certificate to a. Pem file:

      -nocerts -out 推送证书私钥.pem -in 推送证书私钥.p12

   6. The generated two PEM files are regenerated into a PEM file to consolidate the certificate and private key into a single file:

      cat 推送证书.pem 推送证书私钥.pem >PHPPush.pem

Then put this phppush.pem back to the backstage friends, you can get off work.

Of course, Test push is also more troublesome, need to simulate the real push environment, generally need to provide help backstage, but encountered some backstage colleagues, they have a strong belief in the chain of contempt, very despise iOS, the heart has long been called you "die Before" years, but also so many things ...

So about debug Push, Bo Bishop you push yourself! Don't bother others.

Just copy this piece of code.

<? phpDevicetoken $deviceToken=' Your Devicetoken '.;Private key password, input $passphrase when generating PEM=' 123456 ';Custom push content, with a little formatting requirements, details Apple Docs $message=Array(' Body '=>' You receive a new order '); $body[' APS ']=Array(' Alert '=> $message,' Sound '=>' Default ',' Badge '=>100,); $body[' Type ']=3; $body[' Msg_type ']=4; $body[' Title ']=' New Order reminder '; $body[' Msg ']=' You receive a new message '; $ctx=Stream_context_create();Stream_context_set_option($ctx,' SSL ',' Local_cert ',' Push.pem ');Remember to put the generated PUSH.PEM in the same directory as this PHP fileStream_context_set_option($ctx,' SSL ',' Passphrase ', $passphrase); $fp=Stream_socket_client(It is important to note that one is to develop a push sandbox environment, a formal environment for publishing pushes, and Devicetoken is not universal' ssl://gateway.sandbox.push.apple.com:2195 ', $err,' ssl://gateway.push.apple.com:2195 ', $err, $errstr,60, Stream_client_connect| Stream_client_persistent, $ctx);If(! $fp)Exit("Failed to connect: $err $errstr". Php_eol); Echo' Connected to APNS '. Php_eol; $payload=Json_encode($body); $msg=Chr(0).Pack(N,32).Pack(' H* ', $deviceToken).Pack(N,Strlen($payload)). $payload; $result=Fwrite($fp, $msg,strlen ($msg ; If  (! $result ) echo Span class= "token string" "Message Not Delivered ' ; Elseecho  ' Message successfully delivered ' ; Fclose ($fp ;< Span class= "token operator"? >             

Copy the above code and save it as push.php

Then generate the PUSH.PEM based on the steps above, "Generate a PHP-required certificate"

Two files placed in the same directory

Execute the following command

DavidDay$ php push.php 

Result is

Connected to APNSMessage successfully delivered

Was it just a push to succeed? Oh da

Packaged, distributed and in-beta

There is a lot of posture about packing, everyone has their own preferences, most of the practice is to use Xcode's one-stop service:

• • Select the appropriate description file, certificate

  • Choose ARM Architecture Model (Simulator is Intel architecture, real machine is arm architecture, not universal)

  • product -> archive

  • You can then choose to export the IPA to distribute the test on the third party platform or upload the app Stroe review

    ?

This approach is more insurance, because archive only the binary code of the real machine will be compiled, so do not worry about the export of the IPA real machine can not be installed.

Another posture is the use xcodebuild of tools, pure shell compilation, relatively bad handling errors, but the force is full of Ah, want to learn more about this posture can look at the official documents, or refer to the classmate's share

Of course, the blogger, as a loyal supporter of the drag-and-drop faction, is like this when the blogger packs the IPA:

Figure 6

Anytime build to IPA at any time.

Distribution of the general will use a third-party platform, FIR, dandelion are very good ~

About the submission of audit here, the general archive passed, the certificate is not a problem, of course, or to check whether the project calls the private API, before using reveal, the time to submit the application forgot to remove, thousand should not be the use of Xcode upload tools, nor error, Build version in Itunesconnect also appeared, just the status "is processing", generally this state lasts 10 minutes ~ 2 hours will pass, and then Bo Master confidently shut off work, unexpectedly the next day build version or "Processing", Then guess that itunes is not a problem and anger passed n packets, is still "processing", and then ready to send e-mail, open the mailbox, and so on!

Figure 7

Originally called the private interface, forget to remove reveal ~, recalling that there are three big pits,

1. 1. Xcode's upload tool is very spicy chicken!! Many errors can not be scanned, so remember Application Loader to use, fast, error reporting accuracy.
   2. Itunesconnect Error State is almost no, generally only two states are "processing", "success", so if more than two hours is still "processing", then it is very likely to package the problem!
   3. Remember to follow the email!

Package Project certificate selection must be correct (Xcode7 the following select project compile target for iphone Device do not connect the phone otherwise, Xcode7 does not need to unplug the real machine, because one more build only device option)

 编译target选错了 报错 ITMS-90530 "Invalid MinimumOSVersion. Apps that only support 64-bit devices must specify a deplyment target of 8.0 or later"IMTS-90208 "Invalid Bundle. The bundle xxx.app does not support the minimum OS version specified in the Info.plist"IMTS-90502 "Invalid Bundle. Apps that only contain the arm64 slice must also have‘arm64‘ in the list of UIRequiredDeviceCapabilities in Info.plist ")

Some of the details of iOS app release