Maintaining Your Signing Identities and Certificates
About Signing Identities and Certificates
Code signing your app lets users trust that your app has been created by a source known to Apple and that it hasn’t been tampered with.
signing identities—stored in your keychain
certificates—stored in your developer account
Viewing Signing Identities and Provisioning Profiles
To view account details
- Choose Xcode > Preferences.
- Click Accounts at the top of the window.
- Select the team you want to view, and click View Details.
If a Create button appears next to a certificate, it hasn’t been created yet. If a Download button appears next to a provisioning profile, it’s not on your Mac.
Creating Signing Identities
In the dialog that appears, click the Create button in the row of the type of certificate you want to create.
If the Create button is disabled, you are not allowed to create that type of signing identity.
Verifying Your Steps
Verifying Using Your Developer Account
- Sign in to developer.apple.com/account, and click Certificates, IDs & Profiles.
- In the Certificates section of the sidebar, select Development or Production depending on the type of certificate you want to verify.
- The type and expiration date of the certificate should match the information that you view in Keychain Access.
Verifying Using Keychain Access
When you create a development or distribution certificate using Xcode, the certificate is automatically installed in your login keychain.
In the left pane, select “login” in the Keychains section and select Certificates in the Category section.
The name of the development certificate begins with the text “iPhone Developer”
If you click the disclosure triangle next to the certificate name, your private key appears. If the disclosure triangle doesn’t appear, you’re missing your private key
Installing Missing Intermediate Certificate Authorities
To use your certificates, the correct intermediate certificate needs to be in your keychain.
An intermediate certificate ensures that your certificates were issued by a trusted source.
The intermediate certificate, named Apple Worldwide Developer Relations Certification Authority, is installed in your system keychain when you install Xcode.
First try downloading your provisioning profiles in Xcode to install missing intermediate certificates. If that doesn’t work for you, download and install the missing intermediate certificate.
- Go to http://www.apple.com/certificateauthority.
- Under Apple Intermediate Certificates, click the link for the intermediate certificate you’re missing.A certificate file, with a .cer extension, appears in your Downloads folder.
- Double-click the certificate file to install it in your system keychain.
Exporting and Importing Certificates and Profiles
After Xcode creates your certificates and profiles for you, export them to create a backup of all your assets. You do this to, for example, transfer your assets to another Mac you use for development or repair a certificate if the private key is missing.
The export file, called a developer profile, contains the following team assets:
- Development certificates
- Distribution certificates
- Provisioning profiles
Exporting Selected Certificates
Importing Your Developer Profile
You import your developer profile to restore missing private keys or when you want to switch to another Mac.
Removing Signing Identities from Your Keychain
Delete in key category first , then delete them in My certificate category
Revoking Certificates
If you’re a team admin for an organization, you may want to revoke development certificates of team members who no longer work on your project.
Revoking certificates may invalidate provisioning profiles,
Revoking development or distribution certificates doesn’t affect apps that you’ve submitted to the store nor does it affect your ability to update them
Resetting Certificates Using Xcode
If Xcode displays a Create button, the signing identity doesn’t exist in your developer account or on your Mac.
If Xcode displays a Reset button, the signing identity is not usable on your Mac—for example, it is missing the private key.
If you click the Reset button, Xcode revokes and re-creates the corresponding certificate.
Revoking Certificates Using the Developer Account
Re-Creating Certificates and Updating Related Provisioning Profiles
Revoke the certificates using your developer account
Provisioning profiles containing a revoked certificate become invalid.
If necessary, remove the signing identities for these certificates from your keychain
Remove or regenerate other types of provisioning profiles that contain the revoked certificates,
Maintaining Identifiers, Devices, and Profiles
App IDs-Registering/Editing/Deleting
Locating Your Team ID
Sign in to developer.apple.com/account, and click Membership in the sidebar.Your Team ID appears in the Membership Information section under the team name.
Provisioning profiles
A provisioning profile includes signing certificates, device identifiers, and an App ID.
Development provisioning profiles are used to build and install versions of your app during the development cycle,
Distribution provisioning profiles are used to submit your apps to the App Store and distribute them to beta testers.
Generate Provisioning Profiles with Xcode
- Connect your device to your Mac and click Use for Development in Xcode’s Organizer window.
- Sign in with the Apple ID associated with your iOS Developer Program membership and Xcode will generate a provisioning profile containing your certificate and device identifier.
Creating Provisioning Profiles Using Your Developer Account (略)
Downloading Provisioning Profiles in Xcode
- In the Xcode Preferences window, click Accounts.
- Select your team, and click View Details.
- In the dialog that appears, click the “Download all” button in the lower-left corner under the Provisioning Profiles table.
Editing Provisioning Profiles in Your Developer Account
After doing so, download provisioning profiles in Xcode
Renewing Expired Provisioning Profiles
You don’t need to make any changes to the provisioning profile. Just scroll to the bottom of the Edit iOS Provisioning Profile or the Edit Mac Provisioning Profile page, and click Generate
Configuring Your Xcode Project for Distribution
Configuring Identity and Team Settings
About Bundle IDs
A bundle ID precisely identifies a single app
reverse-DNS format. com.Acme.Hello
use an app’s bundle ID in many different places to identify the app
App ID
app’s bundle ID needs to be unique.
The string consists of a Team ID and a bundle ID search string
There are two types of App IDs:
An Explicit App ID Matches a Single App
Wildcard App IDs Match Multiple Apps
Setting the Bundle ID
Assigning the Xcode Project to a Team
Creating the Team Provisioning Profile
After you select a team, Xcode attempts to create a specialized development provisioning profile called a team provisioning profile that it manages for you.
A team provisioning profile allows an app to be signed and run by all team members on all their devices.
Setting the Version Number and Build String
The version number is a two-period-separated list of positive integers, as in 4.5.2.
The first integer represents a major revision, the second a minor revision, and the third a maintenance release.
The version number is shown in the store
The build string represents an iteration (released or unreleased) of the bundle and is also a two-period-separated list of positive integers, as in 1.2.3.
Setting Deployment Info
The deployment target setting specifies the lowest operating system version that your app can run on.
