About distribution certificate (with private key) in keychain - ios

I understand that in iOS app development, for team collaboration, the leaving developer should export the distribution certificate from his keychain app because only his Macbook has the private key used as code signing identity. (Please correct me if I am wrong here.)
My questions are:
1. Am I right that the distribution provisioning profile for app store & the provisioning profile for ad-hoc distribution using the same code signing identity?
2. Am I right that if we lost the contact of leaving developer who has distributed the app to Apple Store, I can just delete the distribution certificate & corresponding distribution provisioning profile in Apple Developer account , and create a new distribution certificate & profile on my Macbook so that I have the new signing identity in my keychain, I don't need the leaving developer to export his, because the distribution certificate & profile is only used to distribute the app to Apple store or do ad-hoc distribution? Is there any harmful consequence I missed if do so?

For question 1
Yes, distribution certificate is used for uploading app to apple store. And development for running on device or sending build.
For question 2
Yes, you can simply revoke his certificate. And create new one. That way your previous developer certificate are not required. Moreover, he wont be able to use them anymore and you can create new one and keep your certificate on apple developer account clean.
Hope it clears your doubt.

Related

Signing Certificates and Provisioning Profile for iOS Development

I'm new to iOS development and I'm getting a bit confused with the usage of signing certificate and provisioning profile. Let's say there's an iOS project which involves multiple developers and each developer works on the development using their own MacBook. In this case, do all the developers need to use the same signing certificate and provisioning profile for the app? As I'm aware that the private key of the certificate is stored in the Keychain of the developer who created the CSR. Can multiple certificates tie to the same provisioning profile? Any clarification would be much appreciated. Thanks.

Distribution Certificate not shown as an option when Generating a Provisioning Profile

Background: trying to set up test-flight for IOS development as an individual.
Problem:
In the Apple developer website,
while I can see my distribution certificate and my developer certificate under the Certificates tab, when I try to generate a Provisioning Profile, it only shows the developer certificate as an option but not the distribution certificate (which to my understanding is what is needed to set up test-flight).
perhaps Apple is just taking a while to process the new distribution certificate as I created it just now...?
any ideas? what might have I missed?
Maybe I am supposed to delete the development certificate first?

certificate, provisioning profile etc for my new iOS app

I have created an iOS app. The app is already in the store. Now, I am creating a new iOS app. I am wondering, what should I change in regard to development certificate, distribution certificate, provisioning profile.
I am reading this document. It says the following:
You use the same development and distribution certificates for iOS,
tvOS, and watchOS apps.
OK, does it mean for the new app, I can use the same development & distribution certificate as the old app is using? If so, what about provisioning profile? Could someone please clarify all these to me for the new app?
====== Other related questions =====
What if the app is developed by other developers, we are in the same team, now I create a new app. Do I need to create new certificate, provisioning profile, etc?
If developer A developed an app & distributed to Apple store, then he left the company. Developer B needs to fix the same app and upload to Apple store again. What does developer B needs from developer A? The private key, right? Other things certificate, provisioning profile from developer B can be used by developer A directly right?
#Shubham Ojha, thanks for your comment below. But I still want to ask the following scenario: We are several developers in the same company, we have a company Apple developer account. One developer has created the development/distribution certificate, provisioning profile, etc for the first app, then, he left company.
Now questions are :
For the same app, I need to fix some bugs and release to Apple store again, what do I need to do with those certificate? I think the private key is on that developer's laptop right? Do I have to have that private key in order to release the app?
For a new app, what do I need to with those certificates?
You can use the same development and distribution certificates for a new app, since the certificates are bound to a developer or any development/distribution team respectively.
Only you need to create a new App Id from the developer portal(member center) and you can select the same developer and distribution certificates while creation of the provisioning profiles.
Yes you need to export the certificates from the MAC on which it was created first and the private key is also required for its installation on any other MAC. But if the employee hasn't submitted that, then you need to create a different signing identity using your Xcode->preferences->accounts->View Details(of Apple ID associated with developer account). Here you can create the signing identities and export them.
At below link you will get all your answers with proper step by step documentation, if you still have any doubts feel free to ask.
https://developer.apple.com/library/content/documentation/IDEs/Conceptual/AppDistributionGuide/MaintainingCertificates/MaintainingCertificates.html
For a new app also you need the same certificates since certificates are for team/developer and not for a particular app.

How about Apple’s enterprise distribution iOS apps

I have a iOS app use the account A.
My client gave me an enterprise account B for In-House distribution.
I'm not allowed to revoke their existing certificates and they do not provide .p12 and .developerprofile.
I called the apple center and they told me NO .P12 key can also publish procedures but did not told me how to do.
My E-mail have joined the team,
I create a new app id and a provisioning profiles but the provisioning profiles is error in my Xcode.
error message:The private key for "XXX" is not installed on this Mac.
My question:
I just want to release .ipa for in-house type how to do?
thx!
You will need to p12 (private key) form the client or revoke the current profile. There is not other option. Do not revoke any provisioning profiles for current apps since they may used.
Also explain to the client what you are doing and the consequences that it may have, if they are not able to provide you with the necessary certificates.
You generate a Certificate Sign Request (CSR) from your Keychain, login to your developer account and choose your client's team.
You then create an enterprise certificate which will have to be approved by your client's team manager. Once that is done you will be able to download it and install it on your keychain.
After that generate a provisioning profile for the app you want to distribute, download and install it on Xcode.
Build your app with this certificate and save the IPA for enterprise distribution.

iOS ad hoc distribution with .p12 from customer

I have an app developed and working with our company's profile and distribution cert. I just recieved the .p12 from the company that we are going to be distributing to, and am trying to rebuild the app with their certificate. However, when I select 'Archive' I receive
"No unexpired provisioning profiles found that contain any of the keychains signing certificates"
I believe I'm missing something here, but google and I can't figure it out. Do I need a new profile with that certificate in it? If so how do I go about uploading the .p12?
Thankyou very much.
With the p12 you are enabling your computer to make releases for the outside company but what you need right now is the provisioning profile associated with that app (it will be specific if you have in app purchases or push notification otherwise it will be the default developer profile) and that .p12
Check out your keychain, distribution certificate has key. If not then install right certificate.

Resources