👉 Apple official documentation
Certificates certificate
-
As we know from the Developer Center, developer certificates are divided into two types: Development Certificate and Production Certificate. Both certificates have corresponding subordinate certificates, including push certificates, Apple Pay certificates, Pass Type ID certificates and a series of subordinate certificates.
-
It’s important to note that when we release an app to the AppStore, the release computer must have two conditions:
-
The P12 file exported from the computer that created this issue certificate is installed
-
The publishing certificate was downloaded from the developer account
The role of certificates
When a computer has a developer certificate installed, how does that computer get this capability?
-
Apple uses code signing here. Code signing verification allows our operating system to determine who (you or a trusted team member) signed the App.
-
Xcode will use your code signature verification during project compilation. This verification consists of an Apple-certified public key-private key pair stored in your Keychain. The public key is included in the Certificates. Public key certificates are stored in local keychains and developer accounts.
-
In addition, there are what we can call Intermediate Certificates to make sure that our Certificates are authorized to be published. When Xcode is installed, the media certificate is already installed in our keychain. If you accidentally delete your media credentials, don’t worry. You can download it again.
-
We can use legitimate certificates to test and publish the App through certificates that have been verified in both Developer Account and local Mac.
Method 1: Quick create method (using Xcode to create)
Method 2: Create a CSR file and make a certificate
1. Open the computerKeychain access
2. Select the menuKeychain access
–Certificate of assistant
–Request a certificate from a certificate authority
3. Enter your Email address and name and make sure it matches the one you registered as an iOS developer (it doesn’t matter if they don’t)
The CA email address column can be empty
4. Select Saves to Disk. You are advised to save them to a desktop for easy search
5. Open theDeveloper CenterLogin to the developer account
6. SelectCertificates, Identifiers & Profiles
Enter and selectCertificates
7. SelectCertificates
Click Add on the right
8. ChooseiOS App Development
, used for real machine debuggingCertificates
File, clickContinue
. Then it will ask you to Create a CSR file and clickContinue
Go to the next step to upload the CSR file
9. Click on theChoose File
Select the SCR file you just stored on your desktop and clickGenerate
. The certificate we want will be generated soon!
10. We can click on the certificate just generatedDownload
Download it for local use
Use of certificates
If developer B logs in to the developer account and downloads the certificate (cer file) to run, only the certificate without the private key cannot be used normally. Therefore, if a new colleague joins the development team, you should select the certificate from the local key string. Be sure to expand the certificate line to display the private key and select both lines. Right-click to export the two items and enter the password to generate a P12 file (containing the certificate and private key) for your colleague.
In addition, a Provisioning Profile can be provided to colleagues to identify test equipment for local development.
It is important to note that certificates are not really relevant to the project. Certificates are usually valid for only one year. When the certificate expires, you just need to create a new certificate and upload it to the developer account. Then give colleagues the latest P12 file and Provisioning Profiles
So the developer account certificate, configuration file is safe to operate (such as accidentally deleted, or can not find the certificate private key)
Provisioning Profiles Profiles
Here, I quote a quote from someone else, because I think it’s funny, but it’s honest.
I think when this screen pops up, it hits me with the balls. Then your gay friend who is in charge of certificate management suddenly noticed that there were so many chaotic certificates and description files in the certificate center, and he exploded: What the fuck! Delete the certificate with Xcode * and the description file, and then violently click Fix issue yourself. Then suddenly you can’t debug, and then hit Fix Issue, and finally the whole team has to use Fix Issue to debug.
So beware of Fix issue, if you click on this option, clever Xcode will manage the description file itself, and then all sorts of weird certificates with Xcode * and description files…
In fact, as long as you believe in a point, the certificate, device ID, AppID, description file are correct must force no problem!
Description file expired
Apple’s official documentation states that enterprise certificates are valid for three years, while description documents are valid for only one year. So when your description file expires. Don’t panic, I’ve seen a lot of online friends say delete and regenerate, but it doesn’t have to be that troublesome, just need 3 steps: click the expired description file to expand the details screen – click the Edit button – click the Generate button
Thanks to DavidDay, frog cow for the resource reference
Thank you again for taking the time to read this article!
Weibo: @danny_ Lu Changhui blog: SuperDanny