An iOS device is only able to run apps approved by Apple and installed through the App Store. Apple achieves this by requiring that every app run by iOS has a signed Apple Certificate.
Apps installed from the App Store come bundled with a certificate, which the system verifies before it allows the app to run. If there’s no signature or if the signature is invalid, the app won’t run. As a developer, you need to be able to run your apps on your own devices on a regular basis as you’re developing them. For this, you need a way to create and sign your own certificates.
That’s where the Certificates, IDs & Profiles area comes in. This section allows you to generate what Apple calls profiles. Profiles, sometimes called code signing identities, are files generated by the Developer Center.
To generate iOS certificates, click the Certificates, IDs & Profiles.
First, you have to generate two certificates, one for your development profiles and another for your distribution profiles.
Certificates can be generated as follows:
Click on the drop-down of iOS, tvOS, watchOS in the upper left, then click on the + in the upper right:
Now you need to create a CSR file related to your certificate. For this, you need to access your keychain account on your Mac.
An explanation of how to generate a CSR using Keychain Access is shown here:
Now you have your certificate for your development profiles, you need to create a certificate for your production or distribution profiles. Click the Add Another button. Under Production select the App Store and Ad Hoc button, and click Continue at the bottom as before:
Go through the same process as before to submit the same certificate signing request as you did for the development certificate.
When it is ready, click Download, and double-click the distribution certificate file to install it in the keychain.
Note: The distribution certificate is called ios_distribution.cer, whereas the development certificate you downloaded before is called ios_development.cer.
Now look in Keychain Access and you will see your two installed certificates as follows:
Note: Sometimes the certificate do not exist in .p12 format and when you try to upload it, it generates a pop-up message with an error. For converting certificate into .p12 format you need to go to Keychain access in your IPad and Export the certificate in the .p12 format.
Set a password for your certificate and proceed forward. Your certificate is now converted into .p12 format.
The steps to export your certificate into .p12 format are as follows:
Open Keychain Access on your Mac and select the certificate that you've downloaded.
Right-click on the certificate, and click on Export. A window appears as shown:
You now need to enter your system's password in the dialog box that appears and close the Keychain Access.
The next step is to register your devices. On the left-side menu, click Devices\All and then on the right, +:
Now You need to get the UDID of the device(s) you want to use to run your apps.
Follow these steps to get the UDID of the device:
Note: In case you are registering with the new device you need to name your device and add it's UDID. Please refer to the link to Add the UDID.
Now just right click on the number and select Copy to copy the UDID to your clipboard.
Go back to your browser, enter a device name (which can be anything you want) and paste the UDID into the appropriate field. When you’re done, click Continue.
An App ID is a combination of a 10-character “seed” prefix generated by Apple, and a suffix created by you, defined as a Bundle ID search string. Together they create a unique identifier for your app. Apple recommends that you use “a reverse-domain name style string” for the Bundle ID. For an Explicit App ID, the suggested format is “com.domainname.appname”; for a Wildcard App ID, the suggested format is “com.domainname.*”.
Now that your device is registered, you need to create an App ID. Every app you build will need its own App ID. Follow these steps to create the App Id:
On the side menu, click Identifiers\App IDs.
Click on the + icon on the upper right side of the screen.
You will be prompted to confirm your values, click Register at the bottom. You will then see a Registration Complete message.
Now you’re ready to create the provisioning and distribution profiles.
A provisioning profile joins together all the pieces you have done so far, including certificates, device identifiers, and the App ID.
The next few steps are the same as for the development profile.