This article explains how to create the certificates needed to publish an app to the App Store and the bundle ID used to identify the app.
For an app to be published to the App Store, some certificates and profiles must be created on the Apple Developer Program. This article explains how to create each certificate:
iOS Distribution Certificate - Apple requests that the apps are signed with a valid iOS distribution certificate. You can sign all your apps with a single certificate.
Bundle ID - The Bundle ID is used to identify the app.
Push Notification Certificate - To configure the Push notifications you will use the tool One Signal. It requests a certificate from Apple to identify the app to send the notifications to. This certificate will be created on the Apple Developer Program.
Provisioning profile - The provisioning profile saves the configuration of the apps for different devices and must be used together with the distribution certificate and bundle ID to sign the app.
The following steps must be performed on a MacOS machine, as the Keychain application is used to create the certificates. The files will be used in the Sign step while building the app.
Log in to your account on the Apple Developer Program at developer.apple.com. After being logged in, choose Account on the top menu bar, and then select Certificates, Identifiers & Profiles, either from the main page or from the menu on the left.
iOS Distribution Certificate
To build and publish the app to the store, an iOS Distribution Certificate must be created. This file has the extension .p12 and contains the certificates necessary to sign the app during its construction. This certificate is valid for one year and can be used for all your apps.
On the page Certificates, Identifiers & Profiles, select the section Certificates. In the table title, click the plus button to create a new Distribution Certificate.
When prompted about the type of certificate, choose iOS Distribution (App Store and Ad Hoc) and click Continue.
On the next page, you need to upload Certificate Signing Request (CSR). Open the Keychain application (available on any MacOS) and follow the steps described on the page. A file with the extension .certSigningRequest will be saved to your computer. Click Choose file, select the generated .certSigningRequest file and click Continue again.
Now your certificate is ready and you can download to your computer a file named ios_distribution.cer.
Open the ios_distribution.cer file. It will be automatically added to the Keychain application, and you should be able to see it on the list as iPhone Distribution: <team name> (<team ID>). Right click the row and select Export 'iPhone Distribution: [...]'. You can now save a .p12 file on your computer. During the export, you will be asked for a password. If you don't want to set one you can leave the fields empty and click OK.
This file will be necessary while building the app. You will have to upload it on the Sign step, at the 'P12 file' field.
The Bundle ID is used by Apple to identify the app among all others in the App Store. Each app to be published needs to have a unique Bundle ID.
Note: In a later stage you will have to add your project on Google Firebase using the same Bundle ID, and is very important to know that while Apple allows us to create Bundle IDs using hyphen, Google does not accept Bundle IDs using special characters, including hyphen, as you can see bellow:
On the page Certificates, Identifiers & Profiles, from the menu on the left, choose Identifiers. In the table title, click the plus button create a new App ID.
The fields must be filled in as it follows:
App ID Description - Name: the name of your app
App ID Prefix - Value: the prefix for the App ID. Select the option marked with 'Team ID'.
App ID Suffix: Select the Explicit App ID option. For the Bundle ID, Apple recommends using a reverse-domain name style. For example, if your website is conferences.cc, the Bundle ID should be cc.conferences.appname
App Services: The services to be used by the app. You must enable the Associated Domains and Push Notifications services.
Click Continue, check all the information entered and then click to Register the app. Now your app should appear on the list of iOS App IDs.
For your app to support push notifications, it must be signed it with the specific certificate. Each app should have its own unique certificate. To create one, select the app on the list at the iOS App IDs page (Identifiers > App IDs) and click Configure.
In the window that opens, click Create Certificate below the section Production SSL Certificate.
Upload the same .certSigningRequest file you exported from the Keychain when creating the iOS distribution file and click Continue. Now your certificate is ready and you can download to your computer a file named aps.cer.
Open the aps.cer file. It will be automatically added to the Keychain application, and you should be able to see it on the list as Apple Push Services: <bundleID>, for example 'Apple Push Services: cc.conferences.appname'. Right click the row and select Export 'Apple Push Services: [...]'. You can now save the .p12 file to your computer.
The .p12 file just generated will be required in order to activate the push notifications at the One Signal setup.
The app needs to be configured to launch on devices and use services. This process is called Provisioning. These configurations are saved in the provisioning profile, which exports to a file with extension .mobileprovision. This file is combined with the certificates and bundle ID to sign the app.
On the page Certificates, Identifiers & Profiles, select Distribution from the menu on the left, under the section Provisioning Profiles. In the top-right corner, click the plus button to create a new provisioning profile.
When prompted about the type of certificate you need, choose App Store under the Distribution section.
On the next screen, select the App ID that is going to use the provisioning profile and click Continue. On the following screen, select the distribution certificate. Keep in mind that the certificate selected in this step should be used together with the provisioning profile when building the app. On the last step, enter a name for the provisioning profile. You can use the name of the app, or <appname>_store for example.
Click Continue and download the file to your computer. You will need it when building the app. You will have to upload it on the Sign step, at the 'Mobileprovision file' field.