Code signing for iOS

  • 3 minutes to read

iOS apps must be signed to run on real devices. In App Center, this process requires uploading valid signing files generated using Apple's code signing process. You must be able to successfully sign a valid app package locally before attempting to in App Center.

Signing files

Warning

App Center doesn't support signing files with special characters or symbols in the name. For example, accented characters like Ç, Ã or symbols like /.

Certificates (.p12)

  • Apple Development: Used to enable certain app services during development and testing.
  • Apple Distribution: For submission to the App Store, Ad Hoc or Enterprise distribution.

Provisioning Profiles (.mobileprovision)

  • Apple App Development: Install development apps on developer test devices.
  • Ad Hoc: Install an app on a limited number of registered devices.
  • App Store: Required for submitting your app to the Apple App Store.
  • In-House: for In-House app distribution (the profile is only available via the Apple Enterprise program).

Code signing for app and watchOS extensions

Upload an additional provisioning profile for each app extension in your app. Provisioning profiles must be of the same type.

Uploading Signing Files

Important

Make sure the signing assets you upload are those you intend to sign the app with. The bundle identifier and team ID in your app will be overwritten by the signing assets.

To sign your iOS builds, upload a provisioning profile (.mobileprovision) and your certificate (.p12 file) when configuring the build, along with the password you've set for the certificate. These files can be found in the Apple Developer Center, under Certificates, IDs & Profiles. Apple Developer: Homepage

Finding provisioning profiles

Option 1 - Getting a provisioning profile (.mobileprovision) from Apple Developer Center

  1. On the Certificates, IDs & Profiles page, click on Profiles.
  2. Pick the provisioning profile for signing your app in App Center and download it. Make sure to select the right type of profile (development or distribution). Download provisioning profile
  3. After saving the provisioning profile locally (in a .mobileprovision file), you can upload it to App Center when configuring a branch.

Option 2 - Getting a provisioning profile (.mobileprovision) automatically generated by Xcode

Note

When Automatically manage signing is enabled in the target of your project, it's possible to upload the developer provisioning profile generated by Xcode instead of one from the Apple Developer Portal. Adding new devices to the Xcode managed profile requires physically connecting the device to your Xcode machine, so this option prevents App Center from registering devices and re-signing apps for you.

  1. Enable the automatic signing option in Xcode. Refer to setting up Xcode to automatically manage your provisioning profiles Xcode provisioning profile
  2. Push the project's changes into your repository.
  3. Get the generated provisioning profile from ~/Library/MobileDevice/Provisioning Profiles/
  4. Upload the new provisioning profile Xcode has generated to App Center when configuring a branch.

Getting a certificate from Apple Developer Center (.p12)

  1. On the Certificates, IDs & Profile page, click on Certificates.
  2. Select the certificate to be used for signing your app in App Center and download it. Make sure to select the right type of certificate (development or production) and that the provisioning profile you've previously selected contains this certificate. Navigate to Certificate page Download Certificate from Apple Developer portal Also, you need the private key for the certificate installed on your Mac - it isn't included if you just download the certificate from the Apple Developer Center, you must open the downloaded certificate.
  3. After you've downloaded the certificate, locate it on your Mac and open it. This opens the "Keychain Access" app.
  4. If the correct certificate isn't selected in "Keychain Access", select "My Certificates" on the left, and locate the certificate you've downloaded.
  5. Expand the certificate to see the corresponding private key.
  6. Select the certificate and private key, then right-click for the context menu on the items and choose "Export 2 items…". Export certificate from keychain
  7. Pick a location on disk to save the file as a .p12 – it's recommended to use a strong password for the file.
  8. After exporting the provisioning profile locally, you can upload it to App Center when configuring a branch.