Setting up Development Certificates
Obtaining iOS Development Certificate
- Go to http://developer.apple.com/membercenter/index.action
- Sign in using the Email/Password that was registered with the program
- Go to http://developer.apple.com/ios/manage/certificates/team/index.action
Generating a Certificate Signing Request
To request an iOS Development Certificate, you first need to generate a Certificate Signing Request (CSR) utilizing the Keychain Access application in Mac OS X. The creation of a CSR will prompt Keychain Access to simultaneously generate your public and private key pair establishing your iOS Developer identity. Your private key is stored in the login Keychain by default and can be viewed in the Keychain Access application under the ‘Keys’ category.
To generate a CSR:
- In your Applications folder, open the Utilities folder and launch Keychain Access.
- In the Preferences menu, set Online Certificate Status Protocol (OCSP) and Certificate Revocation List (CRL) to “Off”.
- Choose Keychain Access -> Certificate Assistant -> Request a Certificate from a Certificate Authority. Note: If you have a noncompliant private key highlighted in the Keychain during this process, the resulting Certificate Request will not be accepted by the Provisioning Portal. Confirm that you are selecting “Request a Certificate From a Certificate Authority...” and not selecting “Request a Certificate From a Certificate Authority with <Private Key>…”
- In the User Email Address field, enter your email address. Please ensure that the email address entered matches the information that was submitted when you registered as an iOS Developer.
- In the Common Name field enter your name. Please ensure that the name entered matches the information that was submitted when you registered as an iOS Developer.
- No CA (Certificate Authority) Email Address is required. The ‘Required’ message will be removed after completing the following step.
- Select the ‘Saved to Disk’ radio button and if prompted, select ‘Let me specify key pair information’ and click ‘Continue’.
- If ‘Let me specify key pair’ was selected, specify a file name and click ‘Save’. In the following screen select ‘2048 bits’ for the Key Size and ‘RSA’ for the Algorithm. Click ‘Continue’.
The Certificate Assistant will create a CSR file on your desktop.
Submitting a Certificate Signing Request for Approval
- After creating a CSR, log in to the iOS Provisioning Portal and navigate to ‘Certificates’ > ‘Development’ and click ‘Add Certificate’.
- Click the ‘Choose file’ button, select your CSR and click ‘Submit’. If the Key Size was not set to 2048 bits during the CSR creation process, the Portal will reject the CSR.
- Upon submission, Team Admins will be notified via email of the certificate request.
- Once your CSR is approved or rejected by a Team Admin, you will be notified via email of the change in your certificate status.
Downloading and Installing Development Certificates
- In the ‘Certificates’ > ’Distribution’ section of the Portal, control-click the WWDR Intermediate Certificate link and select “Saved Linked File to Downloads” to initiate download of the certificate.
- On your local machine, double-click the WWDR Intermediate certificate to launch Keychain Access and install.
- Upon CSR approval, Team Members and Team Admins can download their certificates via the ‘Certificates’ section of the Provisioning Portal. Click ‘Download’ next to the certificate name to download your iOS Development Certificate to your local machine.
- On your local machine, double-click the downloaded .cer file to launch Keychain Access and install your certificate.
Team Members can only download their own iOS Development Certificates. Team Admins have the authority to download the public certificates of all of their Team Members. Apple never receives the private key for a CSR. The private keys are not available to anyone except the original key pair creator and are stored in the system keychain of that Team Member.
No comments:
Post a Comment