Task 1: Prepare for the build environment

Task 1.1: Register for an Apple ID

Follow the onscreen instructions on My Apple ID to create an Apple ID if you do not have one.

Task 1.2: Prepare the Mac machine

Buy a Mac machine and install the latest Xcode on the Mac machine.

You will need to have a Mac machine with the Xcode tool installed already to create and install the distribution certificate and the provisioning profile; run the Xcode project of the application and create the app archive; distribute the app archive; etc.

Install Xcode

Click https://developer.apple.com/xcode/ to download the latest Xcode, which is 10.1 by the time of writing.

Sign in with your Apple ID, follow the onscreen instructions to register your Apple ID as an Apple developer, and download and install the latest Xcode tool from the above mentioned website.

For more information on Xcode, see the documentation provided on the Apple website.

Task 1.3: Enroll in an iOS Developer Program

Enroll in an iOS Developer program at https://developer.apple.com/programs/.

Carefully compare the programs and choose one that suits you best, because different distribution types (App Store, Ad Hoc, In-House, etc.) will be available in different programs, for example, App Store Distribution is available in iOS Developer program only, while In-House Distribution is available in iOS Developer Enterprise program only.

Below is a brief introduction to the three distribution types that are commonly used (detailed instructions for these distribution types are provided with in the section called “Task 4: Distribute the app archive”):

  • App Store Distribution: allows you to submit the app for publication to the Apple App Store.

    You would need to enroll in the iOS Developer program.

  • In-House Distribution: allows you to install the app to an unlimited number of devices inside your company.

    You would need to enroll in the iOS Developer Enterprise program.

  • Ad Hoc Distribution: allows you to install the app on a limited number (up to 100) of registered devices.

    You would need to enroll either in the iOS Developer program or the iOS Developer Enterprise program. And you would need to register the devices by their unique device ID (UDID) and add them to the provisioning profile. For details, refer to Registering Devices Using Member Center in the Apple document App Distribution Guide.

IMPORTANT NOTE:

If you enroll in the iOS Enterprise Program, you are responsible for managing the Enterprise Program certificate and provisioning profile. According to the Apple policy, the iOS Enterprise Program certificates expire after three years and provisioning profiles expire after one year, which means, before the distribution certificate expires, you will need to request an additional distribution certificate and replace the expired one, and before the provisioning profile expires, you will need to renew the provisioning profile using a valid certificate. Otherwise the mobile app distributed using the enterprise provisioning profile will not launch after expiration. For more details, refer to Managing Expiring Certificates and Provisioning Profiles in the Apple document App Distribution Guide.

Figure 22. Compare programs

Compare programs

Task 1.4: Create an App ID

An App ID is required when you create the provisioning profile and when you compile the Xcode project to be an IPA file later.

An App ID is a unique identifier for the app. It is composed of two parts: the App ID Prefix and the App ID Suffix (also called Bundle Identifier). The App ID Prefix is a 10-character hexadecimal string generated by the iOS Certificates, Identifiers & Profiles page. It is unique to you and your developer account. The App ID Suffix is a name you enter called the Bundle Identifier. The Bundle Identifier can be explicit or a wildcard. Wildcard Bundle IDs are great for quick development – you do not have to create a new ID for each and every app you test. We will use wildcard Bundle IDs in this tutorial.

To create an App ID:

Step 1: On your Mac machine, log in to the Apple Developer Member Center with your Apple ID and password.

Step 2: Click the icon or text next to Certificates, Identifiers & Profiles.

Figure 23. Identifiers

Identifiers

Step 3: Click App IDs under Identifiers, then click the plus sign (+) button near the top-right corner.

Figure 24. Add an App ID

Add an App ID

Step 4: Enter a description, for example, "My Mobile Apps", which cannot include special characters (including most punctuation).

For App ID Prefix, understand that it is automatically generated by the iOS Certificates, Identifiers & Profiles page.

For App ID Suffix, choose Wildcard App ID to use a single ID to match multiple applications. Enter an asterisk (*) as the last digit of the Bundle ID. For example, "com.abcexample.*".

Remember the App ID (Prefix & Suffix), especially the App ID Suffix (Bundle ID), as it will be used in the Xcode project settings and the iTunes Connect app record.

Figure 25. Information for the App ID

Information for the App ID

Step 5: Click Continue.

Step 6: Confirm the App ID information and click Register.

Task 1.5: Create & install a distribution certificate

A distribution certificate is required to sign the code and create an app for testing and submitting to the Apple Store etc.; it is different from a development certificate which is used for development purpose in Xcode. You must have a valid distribution certificate linked to a distribution provisioning profile.

Note that if you use an iOS Enterprise Program distribution certificate, the certificate will expire after three years, you will need to request an additional certificate to replace the old one before expiration. For more, refer to Requesting Additional Enterprise Distribution Certificates in the Apple document App Distribution Guide.

Create a CSR file

To generate a distribution certificate, you will first need to create a Certificate Signing Request (CSR) from your Mac. Follow the instructions below to create a CSR file using Keychain Access.

To create a CSR file:

Step 1: Open Finder on your Mac, select the Application folder, then open the Utilities folder, and launch Keychain Access.

Figure 26. Utilities folder

Utilities folder

Figure 27. Keychain Access application

Keychain Access application

Step 2: Within the Keychain Access drop down menu, select Keychain Access > Certificate Assistant > Request a Certificate from a Certificate Authority.

Figure 28. Request a certificate from a certificate authority

Request a certificate from a certificate authority

Step 3: In the Keychain Information window, enter the following information:

  • In the User Email Address field, enter your email address. Use the same email address you used to register in the iOS Developer Program.

  • In the Common Name field, create a name for your private key.

  • The CA Email Address field should be left empty.

  • In the "Request is" group, select the "Save to disk" option.

Step 4: Click Continue.

Figure 29. Certificate information

Certificate information

Step 5: Click Save to save the CSR file to your Mac desktop.

You will need to upload this CSR file when you create the distribution certificate in the next section.

Figure 30. Save CSR to Desktop

Save CSR to Desktop

Create & install a distribution certificate

Now you should go back to the Apple Developer Member Center to create a distribution certificate.

Step 1: In the Certificates, Identifiers & Profiles page of the Member Center, choose Certificates > Production, then click the plus sign (+) button near the top-right corner.

Figure 31. Add a certificate

Add a certificate

Step 2: First drag down the page and click Worldwide Developer Relations Certificate Authority to download AppleWWDRCA.cer to your Mac.

Figure 32. Download the AppleWWDRCA.cer

Download the AppleWWDRCA.cer

Then click AppleWWDRCA.cer in the Downloads folder on your Mac to add the certificate to Keychain Access. You should be able to see the "Apple Worldwide Developer Relations Certificate Authority" certificate listed in the Keychain Access window.

Step 3: Return to the page for adding the iOS certificate, select a certificate type (App Store and Ad Hoc), then click Continue.

Figure 33. App Store and Ad Hoc distribution

App Store and Ad Hoc distribution

Step 4: If you have already created a Certificate Signing Request (CSR) file in the previous section, click Continue to upload the CSR file. If not, you could follow the directions on this page or in the previous section Create a CSR file to create one.

Step 5: Click Choose File to select your CSR and click Generate.

Figure 34. Upload CSR file

Upload CSR file

Figure 35. Generate a certificate

Generate a certificate

Step 6: Click Download to download the distribution certificate to your Mac.

The distribution certificate (ios_distribution.cer) appears in your Downloads folder on your Mac.

Figure 36. Download Distribution Certificate

Download Distribution Certificate

Step 7: Click the distribution certificate (ios_distribution.cer) in the Downloads folder on your Mac to add it to Keychain Access. The certificate is then listed in the Keychain Access window, as shown in the following figure.

Remember the name of the certificate, as you will need to use it later when creating the iOS application archive (IPA) file.

Figure 37. Installed Certificate

Installed Certificate

Task 1.6: Create & install a distribution provisioning profile

Depending on how you will distribute the app (App Store, In-House, or Ad Hoc), you need to create different distribution provisioning profiles.

The steps for creating the different distribution provisioning profiles are similar. To create a Store provisioning profile or an In-House provisioning profile, you select 1) an App ID and 2) a single distribution certificate. To create an Ad Hoc provisioning profile, you select 1) an App ID, 2) a single distribution certificate, and 3) multiple test devices. For details, refer to the below steps, or refer to Creating Store Provisioning Profiles, and Creating Ad Hoc Provisioning Profiles in the Apple document App Distribution Guide.

Step 1: Go back to Certificates, Identifiers & Profiles, scroll down to the end of the left navigation pane and choose Provisioning Profiles > Distribution, and then click the add icon ().

Step 2: Select a distribution type and click Continue in the Select Type tag.

You will be provided with different distribution types according to the programs you enrolled in. If you enrolled in the iOS Developer Program, you would choose between App Store and Ad Hoc; if you enrolled in the iOS Developer Enterprise Program, you would choose between Ad Hoc and In-House.

Note that the In-House or Ad Hoc provisioning profile that is created using the iOS Enterprise Program distribution certificate will expire after one year. You will need to renew the provisioning profile before expiration, otherwise the mobile app distributed using these provisioning profiles will not launch after expiration. For more, refer to Renewing Expired Provisioning Profiles in the Apple document App Distribution Guide.

Step 3: Select your App ID and click Continue.

Step 4: Select the distribution certificate you have created in Task 1.4: Create & install distribution certificates and click Continue.

Step 5: Select the devices you want to use for testing, and click Continue.

Note: This step is only required if you create the Ad Hoc provisioning profile.

Step 6: Enter a profile name and click Generate.

Step 7: After the profile is generated, click Download to download and use it.

Step 8: Double-click the downloaded file to install the provisioning profile in Xcode.

Now that you have finished creating and installing the distribution certificate and the provisioning profile containing code signing, you are ready to create the app archive.