I'm at the point where I'm ready to submit an app - an Apple doesn't elaborate much on how to sign and submit apps. I have both the WWDRCA certificate and one I created but am at a loss on where to put them.. do I add them via drag n' drop into XCode? Why do I need the WWDRCA? Anyone have any info on this? Would be GREATLY appreciated
First, make sure you have correctly installed the Installer, Developer and WWDR certs in your Keychain.
In Xcode, edit your target build settings and under 'Code signing entity' and select your Developer certificate. Then build your app using 'Build and Archive'. Finally, open Organizer (via Window menu) to verify and submit your app.
At least, that's the theory. I agree that it's tricky. The Apple Developer Forums have several instructive postings about the potential pitfalls. Good luck!
Edit: Dang, I missed that it's about the Mac App Store, my post is about iOS... For the Mac App Store, there's also a document from Apple and a checklist with links. That checklist seems like a good starting point for all the relevant information.
Original iOS related post:
If you log in to the Provisioning Portal, Apple explains in detail how to get and use a certificate (now even with videos). Right when you login to the portal, see the right column. Or click on the "Certificates" link on the left and then on the "How to" tab. It's step-by-step guide with screenshots. Also, see the "Provisioning" section in the left meny, again click the "How to" tab. For submitting, see the "Distribution" section in the menu on the left. If you still have specific question after reading/watching that material, go ahead and ask.
You need the WWDR CA certificate so that your keychain and Xcode can actually validate your certificate. Certificates are signed by other certificates and form a chain of trust. But there has to be a start, and that is the CA certificate for which you first explicitly state "Yes, I trust this certificate" and thus all certificates that were signed by it.
This is also how your browser works with HTTPS: your browser comes with a bunch of CA certificates that it trusts by default, for example the CA certificate from Verisign. And if your browser then sees a certificate that was signed by Verisign it knows it can trust that website since it already trusts the Verisign CA.
Related
I am trying to implement APNS for my App and am hitting a wall while trying to generate a provisioning profile. I followed the instructions to create an APP id and was able to generate an SSL certificate for my App (the type is shown to be APNs development IOS). However, when I try to generate a provisioning profile, following the screen where I choose the AppID of my app, I do not see the SSL certificate I generate for this app. In the certificates list, I only see a certificate of type 'IOS development' that was created previously. I have been stuck on this issue for a while. Can someone please help?
Thanks
I resolved my own query. we need to add iOS development certificate while creating profile for APNS. You should have the p12 of that iOS development certificate.
I have developed an iOS app for my corporation. We distribute it via AirWatch. Some of the certs are going to expire soon and it is SO confusing to try to figure out what to do. I have googled and it seems every page has different information. I would really love it if someone could point me in the correct direction.
I have an "iOS Development" cert with my name on it. It appears that I cannot renew it, only revoke or download. Some pages said if I download it again it gets updated, some say I need to create a new cert. Which one is it, and do I do this in Xcode or on the portal?
I have an "APNs Production iOS" cert with my company's id on it(the reverse dns thing, like "com.apple.mobile". It is also due soon. How do I renew, and where do I renew it, in Xcode or the portal.
We do not use Apple Push Notifications in the app, but I am under the impression that you still need this as it is the way Apple securely identifies your app. Is this true?
I have a "iOS Provisioning Profile" that will also expire. Same questions. Can I just edit it to renew it? Do I do this in Xcode or Portal.
Thank in advance.
Yes, you will need to renew your profiles (all that you are using for development or distribution. Then, you will need to re-build any apps that were built with the old profiles. Otherwise, no one will be able to install the app that was build with the expired profile. Basically, any apps built and distributed with an enterprise distribution profile will need to be re-built at least once a year.
Edit: more details on how to generate a new certificate.
Just go the the ios developer portal, and go to the area on the right for Certificates, Identifiers, and Profiles on the right. Go to the Certificates area, and click the + icon to generate a new certificate. Follow the instructions there for generating the new cert. Once you have your new cert, go to the profiles section, and you will need to re-generate your profiles with the new cert. For each profile, click the edit button, change the certificate dropdown to your new certificate, and then click the Generate button. Download the new profile, and use it to re-build your apps.
I'm creating a launcher for a game I'm making. To gain access to the launcher's menu the user has to first create an account on the game's site, buy the game using it, and then login to the launcher using his credentials. I've set up a php script on the server which accepts a username and password MD5 hash parameter (in the URL), checks to see if the account is in the database and returns relevant information to the launcher.
Since I'm transferring sensitive (albeit encrypted) information over the Internet I've figured that using SSL would be the best way to go about doing this. Since I can't quite afford a legit third party signed certificate I've signed one myself. It's bundled in the launcher and added to the trust store programmatically so that I can use it to connect to that php script and login without any problems.
Now this whole system I've described works just fine, but I've heard from someone that using a self signed SSL certificate without the user's consent is illegal in some countries (namely Denmark, maybe others). I've tried looking this up to see whether I should add some sort of confirmation dialog to the launcher but I couldn't find anything.
I'm located (and developing the program) in Israel, the server is in the Netherlands.
Does anyone know what laws my friend was talking about, and what I should do to avoid breaking them, as well as online sources where I can read more about them?
Some countries have laws against using encryption. Check out Crypto Law Survey for details on each countries' restrictions. The Netherlands appears to have some restrictions, if so, you might want to consider moving your server.
I've developed application which communicates with my own server over HTTPS. And I use .p12 certificate for mutual authorization. The problem is that after I send first request on server I receive OSX's dialog message:
I know that need to make code sign but:
Can I make some workaround/hack/trick to prevent it? Please note that my app is not going to go on Mac Store. So I could use any private API.
If we can't prevent this dialog then what should I do:
1. Code sign my application via Mac Developer Program?
2. Or make trusted my p12 certificate?
If need to make some of these items above please provide a quote as proof from Apple's documentation.
I use OSX 10.8 an later.
Code signing your application is the most straightforward way to avoid this dialog. When importing the certificate and private key your signed application and future versions that match its designated requirement will be given access to the key for all purposes. See Mac OS X Code Signing In Depth and the Code Signing Guide for more information.
On your development systems that have already imported the key into the keychain you may see the authorization prompt one additional time, on systems that do not yet have the key in the keychain the prompt shouldn't appear at all.
Hye,
I'm not sure what is the problem is, but whenever I want to submit my app, this will occur,
afterthat i've tried to revoke my certificate and quest it back, the status were "issued" . How can i solve this problem ? tq.
Application failed codesign verification. The signature was invalid, or it was not signed with an Apple submission certificate. (-19011)
Are you sure that you are using the distribution profile to sign your app for submission, and not the developer profile?
It's a common cause of this failure.
It could also be that you are using Xcode 4.5 or iOS6 (which are pre-release) and that is preventing submission.
In general - I find the Apple Technical Note on Code Signing Issues to be a great reference for solving such problems.