Code Signing 101
Certificates and Private Keys
Device builds on iOS are required to be signed with a developer’s certificate. Code signing allows iOS devices to verify the app developer’s identity, and that the app has not been tampered with.
Developer identities are tied to two artifacts — a certificate and a private key that unlocks the certificate. Both these artifacts are probably already present if you’ve ever deployed builds to a device.
Typically, there are two types of certificates available to iOS developers — one is a development certificate used for local development and testing — the other is a distribution certificate meant for builds destined for the App Store.
If you’re part of the Apple Enterprise program, you also have an Enterprise Distribution certificate that allows you to deploy apps within your enterprise.
You must code sign iOS applications before any iOS devices will accept them for installation.
Buddybuild creates builds on your behalf, so we need access to your developer identities in order to sign builds. Managing these can be a pain. Use the Automatic Cert-Uploader to quickly and easily upload the relevant certificates to buddybuild.
Development devices also need to be included in the Provisioning Profile of the development-signed app bundle before they can accept them for installation.
Provisioning profiles are generated and signed by Apple. Any modifications — like adding a new device UDID — requires the following:
A request to Apple to regenerate the profile,
Download and installation of the generated profile on to your development machine,
Rebuilding your app with the updated profile.
Buddybuild can also transparently manage these for you. Simply enable the Auto-Syncing Provisioning Profiles feature to take advantage of this functionality!
After an app has been built, it is not possible to alter, remove, or replace the provisioning profile used during the build. Whenever provisioning profile changes are required, your app needs to be rebuilt.
If your app is built with a development provisioning profile, you cannot deploy your app to the App Store without rebuilding your app with a distribution provisioning profile.