Create app certificates and keys
      Back to home
      1. CC Knowledge Base
      2. Publish apps on the stores
      3. Create app certificates and keys

      Apple Developer Program: Creating iOS certificates for publishing to the App Store

      This article explains how to create the certificates needed to publish an app to the App Store and the bundle ID used to identify the app.

      For an app to be published to the App Store, some certificates and profiles must be created on the Apple Developer Program. This article explains how to create each certificate:

      • iOS Distribution Certificate - Apple requires the app to be signed with a valid iOS distribution certificate. You can sign all your apps with a single certificate.

      • Bundle ID - The Bundle ID is used to identify the app.

      • Push Notification Certificate - To configure the Push notifications, you will use the tool One Signal. This requests a certificate from Apple to identify the app to send the notifications to. This certificate will be created on the Apple Developer Program.

      • Provisioning profile - The provisioning profile saves the configuration of the apps for different devices and must be used together with the distribution certificate and bundle ID to sign the app.

      The following steps must be performed on a MacOS machine, as the Keychain application is used to create the certificates. The files will be used in the Sign step while building the app.

      Log in to your account on the Apple Developer Program at developer.apple.com. After being logged in, choose Account on the top menu bar, and then select Certificates, Identifiers & Profiles, either from the main page or from the menu on the left.

      iOS Distribution Certificate

      To build and publish the app to the store, an iOS Distribution Certificate must be created. This file has the extension .p12 and contains the certificates necessary to sign the app during its construction. This certificate is valid for one year and can be used for all your apps.

      On the page Certificates, Identifiers & Profiles, select the section Certificates. In the table title, click the plus button to create a new Distribution Certificate. 

      Screenshot 2023-05-22 at 14.39.21

      When prompted about the type of certificate, choose iOS Distribution (App Store and Ad Hoc) and click Continue.

      On the next page, you will need to upload your Certificate Signing Request (CSR). Open the Keychain application (available on any MacOS) and follow the steps described on the page. A file with the extension .certSigningRequest will be saved to your computer. Click Choose file, select the generated .certSigningRequest file and click Continue again. 

      Screenshot 2023-05-22 at 14.38.44

      Now your certificate is ready and you can download the file named ios_distribution.cer  to your computer.

      Open the ios_distribution.cer  file. It will be automatically added to the Keychain application, and you should be able to see it in the list as iPhone Distribution: <team name> (<team ID>). Right click the row and select Export 'iPhone Distribution: [...]'. You can now save a .p12 file on your computer. During the export, you will be asked for a password. If you don't want to set one you can leave the fields empty and click OK.

      This file will be necessary while building the app. You will have to upload it on the Sign step, at the 'P12 file' field.

      Bundle ID

      The Bundle ID is used by Apple to identify the app among all others in the App Store. Each app requires a unique Bundle ID to be published. Do not add any special characters, including hyphens.

      Note: In a later stage you will have to add your project on Google Firebase using the same Bundle ID, and it is very important to know that while Apple allows us to create Bundle IDs using hyphens, Google does not. This includes special characters, including hyphens, as you can see below:

       


      On the page Certificates, Identifiers & Profiles, from the menu on the left, choose Identifiers. In the table title, click the plus button create a new App ID.

      Screenshot 2023-05-22 at 14.40.26

      The fields must be filled in as it follows:

      • App ID Description - Name: the name of your app

      • App ID Prefix - Value: the prefix for the App ID. Select the option marked with 'Team ID'. 

      • App ID Suffix: Select the Explicit App ID option. For the Bundle ID, Apple recommends using a reverse-domain name style. For example, if your website is conferences.cc, the Bundle ID should be cc.conferences.appname

      • App Services: The services to be used by the app. You must enable the Associated Domains and Push Notifications services.

      Click Continue, check all the information entered and then click to Register the app. Now your app should appear on the list of iOS App IDs.

      Push Notifications

      For your app to support push notifications, it must be signed with the specific certificate. Each app should have its own unique certificate. To create one, select the app on the list at the iOS App IDs page (Identifiers > App IDs) and click Configure. 

      In the window that opens, click Create Certificate below the section Production SSL Certificate.

      Upload the same .certSigningRequest  file you exported from the Keychain when creating the iOS distribution file and click Continue. Now your certificate is ready and you can download a file named aps.cer  to your computer.

      Open the aps.cer  file. It will be automatically added to the Keychain application, and you should be able to see it on the list as Apple Push Services: <bundleID>, for example 'Apple Push Services: cc.conferences.appname'. Right click the row and select Export 'Apple Push Services: [...]'. You can now save the .p12 file to your computer. 

      The .p12 file just generated will be required in order to activate the push notifications at the One Signal setup.

      Mobile provision

      The app needs to be configured to be able to launch on devices and use services. This process is called Provisioning. These configurations are saved in the provisioning profile, which exports to a file with extension .mobileprovision. This file is combined with the certificates and bundle ID to sign the app.

      On the page Certificates, Identifiers & Profiles, select Profiles from the menu on the left.

      In the table title, click the plus button to create a new provisioning profile. 

      Screenshot 2024-01-15 at 13.28.12

       

      When prompted about the type of certificate you need, choose App Store under the Distribution section.

      On the next screen, select the App ID that is going to use the provisioning profile and click Continue. On the following screen, select the distribution certificate. Keep in mind that the certificate selected in this step should be used together with the provisioning profile when building the app. On the last step, enter a name for the provisioning profile. You can use the name of the app, or <appname>_store for example. 

      Click Continue and download the file to your computer. You will need it when building the app. You will have to upload it on the Sign step, at the 'Mobileprovision file' field.