Generating iOS certificate

An iOS device is only able to run apps approved by Apple and installed through the App Store. Apple achieves this by requiring that every app run by iOS has a signed Apple Certificate.

Apps installed from the App Store come bundled with a certificate, which the system verifies before it allows the app to run. If there’s no signature or if the signature is invalid, the app won’t run. As a developer, you need to be able to run your apps on your own devices on a regular basis as you’re developing them. For this, you need a way to create and sign your own certificates.
That’s where the Certificates, IDs & Profiles area comes in. This section allows you to generate what Apple calls profiles. Profiles, sometimes called code signing identities, are files generated by the Developer Center.

To generate iOS certificates, click the Certificates, IDs & Profiles.

First, you have to generate two certificates, one for your development profiles and another for your distribution profiles. 
Certificates can be generated as follows:

1. Click on the drop-down of  iOS, tvOS, watchOS in the upper left, then click on the + in the upper right:

2. On the next page, select iOS App Development as the certificate type and click Continue at the bottom.

Now you need to create a CSR file related to your certificate. For this, you need to access your keychain account on your Mac.

Creating a Certificate Signing Request (CSR) file

An explanation of how to generate a CSR using Keychain Access is shown here:

1. Firstly you need to open the Keychain Access app: 

2. In the Certificate Assistant window, fill in your email address and name, choose Save to disk and click Continue:                     

3. Save the file somewhere on your Mac. That’s your CSR created, now to generate that certificate go back to the Developer Centre in your browser and now click Continue.                                                     

4. Click Choose File...locate the CSR file you just created and select it, then click Continue:

5. You will now see a screen that says your certificate is ready. Click Download, and double-click the development certificate file to install it in the keychain.

6. Click Add in the Keychain Access dialog to complete the installation:

Now you have your certificate for your development profiles, you need to create a certificate for your production or distribution profiles. Click the Add Another button. Under Production select the App Store and Ad Hoc button, and click Continue at the bottom as before:

Go through the same process as before to submit the same certificate signing request as you did for the development certificate.
When it is ready, click Download, and double-click the distribution certificate file to install it in the keychain. 

Note: The distribution certificate is called ios_distribution.cer, whereas the development certificate you downloaded before is called ios_development.cer.

• Now look in Keychain Access and you will see your two installed certificates as follows:

 

Note: Sometimes the certificate do not exist in .p12 format and when you try to upload it, it generates a pop-up message with an error. For converting certificate into .p12 format you need to go to Keychain access in your IPad and Export the certificate in the .p12 format. 
Set a password for your certificate and proceed forward. Your certificate is now converted into .p12 format. 

The steps to export your certificate into .p12  format are as follows:

1. Open Keychain Access on your Mac and select the certificate that you've downloaded.

2. Right-click on the certificate, and click on Export. A window appears as shown:

3. Save the certificate                                                       

4. After saving the certificate you need to add a password for the keys and click OK.

You now need to enter your system's password in the dialog box that appears and close the Keychain Access.

Registering Devices

 The next step is to register your devices. On the left-side menu, click Devices\All and then on the right, +:

Now You need to get the UDID of the device(s) you want to use to run your apps. 

 Follow these steps to get the UDID of the device:

1. Open iTunes and plug the device into your computer. Select the device from the menu bar under the player controls. iTunes will display your device name, capacity, version, serial number, and phone number. Click on the serial number and it will change to your device’s UDID:

Note: In case you are registering with the new device you need to name your device and add it's UDID. Please refer to the link to Add the UDID. 

2. Now just right click on the number and select Copy to copy the UDID to your clipboard.

3. Go back to your browser, enter a device name (which can be anything you want) and paste the UDID into the appropriate field. When you’re done, click Continue.

4. You will now be prompted to confirm the registration.Your device is now registered, and will appear in your list of devices:                                                      

Creating App IDs

 An App ID is a combination of a 10-character “seed” prefix generated by Apple, and a suffix created by you, defined as a Bundle ID search string. Together they create a unique identifier for your app.  Apple recommends that you use “a reverse-domain name style string” for the Bundle ID. For an Explicit App ID, the suggested format is “com.domainname.appname”; for a Wildcard App ID, the suggested format is “com.domainname.*”.

Now that your device is registered, you need to create an App ID. Every app you build will need its own App ID. Follow these steps to create the App Id:

1. On the side menu, click Identifiers\App IDs.

2.  Click on the + icon on the upper right side of the screen.                                                     

3. Fill out the description (usually your app’s name). The seed ID will usually always be your Team ID. Now, make sure Explicit app ID is selected, and enter the Bundle ID (use a reverse-domain name style string for this, including the name of the app at the end). Click Continue when done.                                  

4. You will be prompted to confirm your values, click Register at the bottom. You will then see a Registration Complete message.

5. Now you’re ready to create the provisioning and distribution profiles.    

Provisioning Profiles

 A provisioning profile joins together all the pieces you have done so far, including certificates, device identifiers, and the App ID.  

1. Click on the + icon on the right side of the screen.

2. Choose iOS App Development, then click Continue.

3. The next window asks you to select an App ID for this new profile. Choose one from the drop-down. Click Continue.

4. The following window asks you to select the certificates for the profile. If you have multiple members of a team they can be selected from here. Select your certificate checkbox and click Continue.

5. This window asks for the devices this profile is valid for, select your device and click Continue. Now, enter a name for this profile. The name you specify is used to identify it among other profiles, so try to make it as descriptive as possible. Click Continue.

6. The final window shows your generated profile and has a download button that allows you to download it. Go ahead and click Download.

7. Click on generate the distribution profile. Click the Add Another button at the bottom.             

8. Under Distribution, click the App Store button, then click Continue.                                                       

• The next few steps are the same as for the development profile.