So when providing a build to a client we archive it with our key and provisioning profile and they then resign it again with their key. But then how do we enable iOS Push Notifications Capabilities as we can't create the archive for the bundle ID with our keys after enabling the capability.
Thanks
I'm afraid you're out of luck. When you use entitlements in your app you have to use the proper Bundle-Id, Certificate and Provisioning Profile when archiving. We had the same problem and the only solution was to use proper Development Signing.
By that I mean:
Ask your client to give you access to his Developer Portal. They only need to give you the 'Member' Role. With that you can create your own Development Certificate, and you can download existing Provisioning Profiles, but you can't do much more than that.
Create your own Development Certificate.
Ask your client to generate a Development Provisioning Profile for the app in question and have your Development Certificate included. This Provisioning Profile also needs to include the Push Notification Capability.
Install the Certificate and the Provisioning Profile on your machine or CI server and set up the Xcode Project to use these for signing.
Don't forget to use the final Bundle-Id now.
Archive your app. You'll get a development-signed Xcarchive which includes all Entitlements / Capabilities.
Now you can transfer this Xcarchive to your client. They will need to re-sign it with their Distribution Certificate and Provisioning Profile and can then upload to the AppStore.
Related
A company that I am developing a project for, gave me a .mobileprovision file and a .p12 certificate to add APNS to their project. As long as I've added their provision profile to my project in XCode, XCode keeps saying "iPhone has denied the launch request." when I try to build project on my physical device.
I've tried deleting certificate Apple Worldwide Developer Relations Certification Authority, and adding another user account to mac but non of them worked. Only when I disabled Debug executable, the app launched successfully, but it's not a solution because I need to debug the app.
Should I tell them to add my device UDID to their account's devices on developer.apple.com?
You've been given an Adhoc distribution provisioning profile, which don't allow the debugger to attach (they're missing the get-task-allow entitlement), as they're for use when you distribute your app for testing, not local development.
If you need to debug, they'll have to supply you with a development p12 certificate and a matching provisioning profile.
You are trying with Development Profile vs Distribution Profile?
Distribution Profile:
With AdHoc Distribution profile, you can't debug any app it should be used for distribution only.
Development Profile:
If you didn't add your device UDID to the provisioning profile, you can try to do that and re-generate the provisioning profile and download it.
In Keychain Access, you will get to know which profile you received from the team,
gave me a ".mobileprovision" file and a ".p12" certificate
That seems like a red herring. I would suggest ignoring both of those. If they want you to work on their app, they simply make you a team member. Done! Your own dev center membership is then sufficient to debug on device.
I am planning to send an xarchive file which was created using development provisioning profile and development certificate to client and client can resign it using their App Store certificates and provisioning profile.
Some people warned me not do it because as it will give development build so debugger informations will be part of it and its debug build and development certificates are not meant to do this.
Distribution certificates are meant to do it atleast I have to sign it using ADhoc provisioning profile and distribution certificate for making the xarchive and this xarchive can be used by client and they can re-sign it again and it should not be a problem
I am very much confused with it.
Someone kindly clarify.
Sending an xarchive which is signed by dev signers to client to re-sign it using their App Store signer is risky or not ?
I am trying to prepare an ad-hoc build for an iOS app. I am registered as a team member(TEAM ROLE) in apple development program.
My team admin has already generated distribution certificate and have registered device and also generated distribution provisioning profile.
Now I want to know , If I want to create build from my local system, Does the provisioning profile itself is sufficient to make the build or I need to install distribution certificate as well?
I am curious to know because I think, provisioning profile has all the necessary information like:
Distribution Certificate and device info
Thanks for your help.
No, you will need both the distribution certificate and the matching provisioning profile installed on the machine doing the build.
If the distribution certificate isn't installed you won't be able to select it from the 'Code signing identity' build setting.
I have submitted an app to the app store. When i did this i was developing my app with a developer signing identity, then i created a distribution signing identity but i couldnt get xcode to use the distribution identity, so i deleted the developer identity and set only the distribution. Now i want to do things right, so i managed to import both identities in xcode and i can see them in xcode -> preferences -> view details
What's next? how do i generate the binary to upload it to the itunes connect using the distribution identity? Any tips about uploading an app to the app store will be helpful.
If you are confirmed the provisioning certificates are correct for both the development and production, you will have to set the correct Code Signing Identity and Provisioning Profile under the Built Settings for both Project and Target.
Debug -> Development
Release -> Production
This way, when you are developing and you run the project directly from XCode to your device, it will be using the development certificate. If you achieve it and extract to IPA. Then, it will be using the production certificate.
If you have a third certificate (Ad-Hoc Production) for beta testers, you may interchange that under the release with distribution certificate.
See the screen shot below.
Follow steps:
First create distribution provision certificate with valid bundle identifier on apple account(For this you should have the main distribution certificate).
Download and double click on certificate.
Then give bundle identifier name which you used while creating certificate in plist.
in Code signing select certificate of distribution
Clean build and archive it.
validate with iTunes and create ipa. then upload build using application loader on App Store.
Hope this will help. This is the common procedure of creating certificate, .ipa and uploading build.
The client has given me the distribution profiles, how can i add the profiles in xcode 5?
As far as i know distribution certificates are responsible for distribution profiles. Importing distribution certificate enables and add all the distribution profiles in xcode. Without certificate distribution profiles can't be used.
Please correct me if i am wrong and suggest the work around for importing profiles in xcode 5.
Deployment phase is new for me.
Thanks
Importing the profiles is just double clicking on them. You can't use the profile without the private key for the certificate that was used to generate the profiles. This need to be exported from the keychain (usually as a p12 file) and imported onto your development machine.
It is possible that the client exported a package containing all of this info using Xcode, then double clicking should install everything required.
Importing distribution certificate enables and add all the distribution profiles in xcode
No, importing one doesn't automatically import the other.
There are no workarounds, you need to be supplied with both the certificate (private key) and the profiles.
A distribution profile is basically a way to make a trust relationship between a particular distribution certificate (which identifies your organisation as a registered Apple development organisation), a particular app or group of apps (identified by an AppID like com.foo.bar.myawesomegame), a set of valid devices where the app can be installed (in the case of ad-hoc distribution; in the case of App Store distribution this is not required), and a set of enabled services, like In-App Purchases.
In your particular situation, if the client wants to test your app, and you are provided with a valid distribution provisioning profile (a file with .mobileprovisioning extension), you also need to install a valid distribution certificate on your computer. The client can download this certificate from http://developer.apple.com (Member Center) and send it to you so you can import it on your machine with a double click on the .cer file.
To enable external users test an app, there's a simpler process, providing that your organisation is a registered Apple development organisation: First, you generate a distribution certificate from http://developer.apple.com. Then, you create a distribution (ad-hoc) provisioning profile and add the distribution certificate and the UUIDs of the iPhones the client wants to use for testing. The client can get the UUIDs from the iTunes app, for example. Then, you can download both the certificate and the distribution profile to your computer, double click to import them into Xcode, and finally sign the app (.ipa file) so that the client can test it on their own devices. You can do that by choosing Product, Archive in Xcode and selecting your distribution certificate and provisioning profile.