I have read the Apple documentation, and many postings on the subject on SO, along with various tutorials, and yet I have to admit I don't 100% understand what profiles to use when and how, and usually resort to trial and error until I find a combination that works.
However at the moment I'm in the situation that an ad-hoc app (that used to install) via iTunes now no longer does either on my phone or on tester's phones, though it will install using XCode. The error message on the phone is juts "ZZZ failed to install.".
I have the following profiles installed in XCode:
1) Ad-hoc distribution profile
2) Team provisioning profile
3) Development profile
4) Apple Push Profile
Some questions:
1) Which profile should I use in the Code Signing Identity section of the Target Build Settings and why?
2) Which profile should I use when distributing an Ad-Hoc Deployment?
I would assume for 2) it should be the Ad-hoc distribution profile? If not what/when should that profile be used?
If the Ad-Hoc distribution profile is used in step 2) then I guess I have to use the Apple Push Profile in step 1)? Otherwise how can I receive APNs?
When then should I be using the other profiles?
A few follow up questions:
3) In what circumstances would or should you set a different code signing identity in the Project to the Target?
4) By default there are 5 sections in the Code Signing Identity (Code Signing Identity, Debug, Debug Any iOS SDK, Release, Release Any iOS SDK). In general should these all be the same? Under what circumstances would or should they be different?
5) What is the Code Signing Entitlements section used for?
I've been working with iOS development for quite a while, and would consider myself advanced in many areas, but this one just does my head in.
Many thanks if somebody can demystify this.
1) Development profile, must be generated after APNS profile. You don't sign bundles with APNS certificate, it is for server. But in you development and ad-hoc profile will be part with info about Push Notifications, so you need to re-creare dev and ad-hoc profiles after changes in APNS settings in provisioning portal. For proper usage of APNS you should read additional materials, like that or any other. If app has no APNS, you can use team provisioning profile with your developer name for debugging as well.
2) Yep, Ad-hoc.
3) If you have more then one target in the project
4) I used development profile as "Debug" (same in "Debug Any iOS SDK") and ad-Hoc profile as "Release" (same in "Release Any iOS SDK)".
Welcome to crazy world of app signing!
Related
I've got a Distribution Provisioning Profile I use for distributing my application to QA testers via AdHoc builds / HockeyApp. I'm also part of a team of other developers working on other apps, and they have their own QA teams.
Whenever someone else adds a device to the Apple Developer Member Center (previously the "Provisioning Portal") located at https://developer.apple.com/membercenter/index.action , the Distribution Provisioning Profile becomes Invalid.
To make the profile valid again, I must open up the profile and include all of the newly added devices in the profile, then re-download it.
This is all fine, but it seems unnecessary. My Distribution Provisioning Profile should only need the devices of my app's testers linked to it, not the devices others have added for their own testing purposes.
Does anyone have any information / links to documentation on why this happens (searches only seem to bring up the common issues with provisioning profiles in general that people always run into when starting out), and whether or not there is a way to get around it?
Thanks,
- Adam
I had a couple questions when trying to put an app on the app store.
1) With Xcode 5 when trying to validate the archived project, Xcode 5 keeps crashing when trying to download the provisioning profile from the net. I have refreshed the provisioning profiles using the Preferences >> Accounts >> View Details and have clicked the refresh button but it still crashes when I try to validate.
2) Is it best practice to have a separate distribution certificates and provisioning profiles for each app you put on the app store? right now I have a separate provision profile for my apps but they are under one certificate. Can you guys tell me what the best practice is?
3) And can you try to explain what the certificates and the provision profiles are doing? Also, what would the difference between distribution provision profiles and development provisioning profiles.
1) - Check what version of Xcode you're running. I had a similar issue where I was running a developer preview - you can't submit an app from a DP version of Xcode, and mine was crashing at the exact same point as yours.
2) - Having 2 certificates - 1 for dev, 1 for distribution seems to be the norm. I would suggest that you use explicit app ids and not the wildcard ID when you go to create your App ID though.
3) The way I see it, Provisioning profiles are your wrappers for your different things that make it up - mainly the signing certificate, the app id and the device id(s) - You select either a distribution or a dev signing certificate to determine if the app is being developed or submitted to the app store. You select the App ID to tell the app what functions it will have (iCloud, Data protection, etc) and what teams can work on the app. The Devices are what UDIDs are authorised to run this app that has this associated provisioning profile. The provisioning profile is how it's all packaged up.
As another way to look at it, You have your .ipa file (your app) and your provisioning profile. The device looks at the profile, checks if the devices UDID is present in the provisioning profile, checks the App ID to see what features it's allowed to run, and the certificate is used to sign it all off.
Hope this helps.
I'm trying to get my app to work with TestFlight by following this article on their website. At step 5 when it says to select your Development Provisioning Profile and Ad Hoc Provisioning Profile, I'm not sure what to do:
Go to the Build Settings tab and scroll down to the Code Signing
section. For the two default build configurations (Debug and Release),
select your Development Provisioning Profile for Debug and your Ad Hoc
Provisioning Profile for Release. Leave Code Signing Entitlements
blank.
How do I create these? The whole provisioning profile thing is so confusing. For my phone I just clicked "Use for development" or whatever and it basically worked to test my app on. Do I have to create something different?
(Yes I'm a registered developer.)
You have to create provisioning profiles for adhoc and distribution.
See http://developer.apple.com/library/ios/ipad/#documentation/ToolsLanguages/Conceptual/YourFirstAppStoreSubmission/TestYourApponManyDevicesandiOSVersions/TestYourApponManyDevicesandiOSVersions.html
Under 'create an AdHoc provisioning profile'
Yes, you'll have to create a Distribution and Development profiles. This is done on http://developer.apple.com/ ...follow the most updated how-to's appl provides or RECENT online tutorials and go for it.
The process used to be incredibly confusing, but has gotten much simpler over the past few years, don't be scared by all the old things your read. Also, many common tasks like renewing profiles are now autmomated in the XCODE organizer. However, creating these in the first place is done using the dev website and Keychain Access.
You may still struggle a bit to get going the first time, but knowing how to work with provisioning is essential if you want to test/share/distribute/sell your apps.
I've been under the impression for some time that for iOS, signing a build with a developer provisioning profile allows the app to run (and get debugged) on an authorized device (listed in the development provisioning profile) through an XCode build, whereas signing with a distribution profile allows the app to be run (but not debugged) on other iOS devices that have been specifically added to the distribution provisioning file for the purposes of QA/beta testing/etc (and installed via iTunes sync or OTA distribution), without the need for those QA/beta-testers to even know what an XCode is.
Seems to match several of Apple's own docs:
"When you’re ready to share your app for user testing [...], you need
to create an archive of the app using a distribution provisioning
profile and send it to app testers" (source)
and
Code Signing with a development profile allows your app to run on
device through Xcode, and signing with a distribution profile allows
you to create distribution builds.
The certificate named "iPhone Developer" allows you to run/debug your
app on iOS devices through Xcode, and the certificate named "iPhone
Distribution" allows testing your submission build with Ad Hoc
distribution (source)
This seems to imply that using a distribution profile is necessary to do app sharing outside of the App Store, and for years I've always assumed this to be true. Recently however, I've been shown a use case from another colleague where they've been able to share builds with many other people using only a development provisioning file. Another user has described a similar discovery here: Why not use development provisioning instead of ad hoc?
I'm worried I might be missing something here, I'm now suspicious that there are cases where as long as another user has access to a relevant developer provisioning profile that includes their device's UUID, and installs it on their device (drag into iTunes, config utility, etc), that they would be able to sync Developer builds through iTunes as well, without the need for making separate Distribution builds.
This has led me to question some of the assumptions I've had about the nature of the differences between developer and distribution builds in general. I'm starting to think that it's more about debug support and general ease of installation, rather than the nature of how it's installed (XCode vs iTunes/OTA explicitly).
In short, if a device has it's UUID included in a developer provisioning profile, do I really need to make separate distribution builds, or can I simply share a Release Development build and assume that will work with an iTunes sync as well? Does the "Use for Development" button in organizer have any real relevance to this?
More broadly: what are the fundamental differences between Developer and AdHoc builds in terms of how they can be shared among other people within an organization in the development/testing phase before being submitted to the App Store?
Check this SO Post for the differences listed out between developer and distribution builds. From a developer perspective, there is not much difference whether you want to distribute your app either by signing it with a developer profile or distribution profile, provided you are not testing push notifications.
I never know which profiles I am supposed to be signing a build and signing a release for ad-hoc distribution with.
I've tried signing the build with the ad-hoc distribution profile and then the package with the push profile but that didn't work, so just tried many combinations until I hit one that worked.
Yesterday after months of hassle-free operation regarding signing I had to re-install XCode after it kept crashing and then I could no longer sign for development on my own phone nor for ad-hoc distribution onto other's phones.
I tried dozens of combinations of different profiles until eventually I got an ad-hoc release that I could install on somebody else's phone, but then XCode crashed again and I've lost what that combination was, making me want to cry, and I don't want to go through that process of trying all possible combinations again.
Within XCode in the Code Signing Identity section I have the following choices:
a) Apple Push Profile
b) iOS Team Provisioning Profile
c) NNN Development Profile, where NNN is the name of the project/product being developed
d) iPhone Distribution Company Name which is described as an identity without provisioning profiles.
e) ad hoc distribtion
Which of these 5 above should I be using to sign a build to run on my own device using XCode? Do I need to change it to ad-hoc distribtion when building to send a package to others to install via itunes?
Secondly, once I've built an archive and want to create an ad-hoc deployment to send it to testers for them to install via iTunes, there is the additional step of signing the built package, for this I am offered the following choices:
1) Apple Push Profile
2) NNN Development Profile
3) iOS Team provisioning Profile
Which of these 3 should be used to sign the ad-hoc deployment.
Thank you very much.
I have 4 provisioning profiles for my apps.
One is the iOS Team provisioning profile supplied by Xcode
The other 3 I've generated via the Apple iOS Provisioning Portal.
1 development profile that is general for my company:BlahBlah.com.myCompany.*
1 adhoc distribution profile that is also general for my company:differentBlaBlah.com.myCompany.*
1 Distirubution profile that is product-specific: BlahBlah.com.myCompany.NNN
When I test on my machine, I use the Xcode-generated one. When I run it on my devices, I use the dev. profile. When I build for distribution to testers, I use the adhoc. When I upload to iTunes, the 3rd.
No entitlements anywhere.
HTH!
Janene