Creating and Managing Apple Developer Certificates
How to create and manage signing certificates and provision profiles without XCode.
This is one of the few topics developers rarely want to discuss. When they do, here's what the dialog looks like.
Dev: "Hey, the app isn't publishing to TestFlight because XCode isn't working.... something about the certificates."
PM: "OK. What do we do?"
Dev: "Let me just mess with it and see if I can get it to work."
30 minutes later....
PM: "Hey, did you figure it out?"
Dev: "Ya, for now."
PM: "What did you do?"
Dev: "I have no idea I just pushed some buttons on XCode and it works."
PM: "OK. Cool."
Part of the challenge is that the entire process is excruciatingly confusing. The Apple documentation could be better but it's not so here's my attempt to streamline the steps.
Streamlining the Process
This article is unique in that I am intentionally not going to use XCode to complete the provisioning process. The main reason is because I work with teams from all over the world and some prefer to develop apps using Hackintosh computers. These steps therefore will show you, an administrator, how to manage your apps and certificates without relying on XCode.
Note: This article is for developers interested in building apps, not beta testers. If you're trying to use TestFlight, that's a whole other topic which will not be covered here.
Here is a high-level overview of the steps required to create an Apple Provision Profile.
Gather the device UUID's you'll be using to test your app.
Add the UUID's to Apple's device portal.
Create a Signing Certificate Request on my local machine.
Request a Signing Certificate from Apple's portal.
Create an App ID from Apple's App ID portal.
Create a Provisioning Profile from Apple's Provisioning Profile portal.
A Signing Certificate Request is sort of like an administrative application. This application is what you will send to Apple for an official Signing Certificate.
You can start your application by first opening Keychain Access.
Substep - A - Open Keychain Access
Substep - B - Create a Signing Certificate Request from the CA
The purpose of this step is not to create a certificate but to create a certificate request. This request is sort of like an application you will later send to Apple for an official Signing Certificate.
Substep - C - Complete the Certificate Request Form
It's important to get this right. I recommend using the email and organization name you used to create your Apple Developer Account.
Substep - D - Download your Signing Certificate Request Application
Download the file.
Step 5 - Request an Official Signing Certificate from Apple
This is the step where you will submit your Signing Certificate Request to Apple. If things work out, you will be granted an official Signing Certificate.