Making iOS Certificates

Last Updated on2020-03-24 08:54:54

Updates

Update TimeDescription
2020.3.4Format update, image update
2020.3.2Update "Apple SignIn" related things
2020.3.17Update v3.15 additional capability

Prepare

  1. Register and join Apple Developer Program. See: Enrollment - Support - Apple Developer
  2. A macOS Computer

Create iOS Certificate

1. Create App ID

1.1 Login Apple Developer,click Certificates, IDs & Profiles .

1.2 Click Identifiers -> + .

image.png

1.3 Select App IDs, click Continue .

1.4 Fill in the Description, Select Explicit for Bundle ID, and input your App Bundle ID.

1.5 Select the following options in Capabilities list:

  • Access WiFi Information
  • Associated Domains
  • Push Notifications
  • Sign In with Apple, Enable as a primary App ID (optional)

Attention: 1. According to the new AppStore review guidline, starting from v3.15, if your App opened the third-party login function (such as wechat/qq/facebook/twitter), "Sign In with Apple" is required. 2. Since v3.15, because of the third-party SDK update, Associated Domainsis required to build the App. 3. If your App include additional service, other capabilities should be opened.

1.6 Click Continue , and click Register .

If failed with "An App ID with Identifier 'com.xxx.xxx' is not available. Please enter a different string." , please go back and change a Bundle ID.

If no error, please proceed to the next step.

2. Create a CSR file (.certSigningRequest format)

2.1 Open Keychain Access App in macOS, click Keychain Access --> Certificate Assistant --> Request a Certificate From a Certificate Authority... :

image.png

2.2 Input your email, name, select Saved to disk , and click Continue .

image.png

2.3 Save CertificateSigningRequest.certSigningRequest to local disk, done.

3. Create App Distribution certificate(.p12 format)

If your account has multiple Apps, you can use the same app distribution certificate. Create multiple distribution certificates will cause some troubles.

3.1 Open Certificates, Identifiers & Profile page, select Certificates, click+ .

3.2 Select iOS Distribution (App Store and Ad Hoc), click Continue .

3.3 Click Choose File... , select the csr file created before, click Continue .

3.4 Click Download, download ios_distribution.cer file to local, double click file to import it to the keychain.

Attention: .cer file needs to import to the keychain, then export to .p12 file, please continue the steps.

3.5 Open Keychain Access App, Select My Certificates, and find the certificate you imported. Right click to export.

image.png

3.6 Save as "App Distribution Certificate.p12", file format: .p12, then click "Save".

image.png

3.7 Set a password for your App Distribution Certificate and not forget it. Click "OK", done.

4. Create App Push Certificate (.p12 format)

Different to the distribution certificate, if your account has multiple Apps, please create push certificate for every App.

4.1 Open Certificates, Identifiers & Profile page, select Certificates, click+ .

4.2 Select Apple Push Notification service SSL (Sandbox & Production) , and continue.

4.3 Choose your App ID (Bundle ID), and continue.

4.4 Click Choose File... , select the csr file created before, click Continue .

4.5 Click Download, download aps.cer file to local, double click file to import it to the keychain.

Attention: .cer file needs to import to the keychain, then export to .p12 file, please continue the steps.

4.6 Open Keychain Access App, Select My Certificates, and find the certificate you imported. Right click to export.

image.png

4.7 Save as "App Push Certificate.p12", file format: .p12, then click "Save".

image.png

4.8 Set a password for your App Push Certificate and not forget it. Click "OK", done.

5. Create Profile (.mobileprovison format)

5.1 Open Certificates, Identifiers & Profile, select Profiles, then click + button.

5.2 Select App Store and continue.

5.3 Select App ID (Bundle ID) and continue.

5.4 Select the distribution certificate you created before, and continue.

Attention: If there's multiple certificates and you don't know how to choose, please go back to the certificates page, remove the unnecessary certificate and redo this step. If you select the wrong certificate, App build might fail.

5.5 Input a provisioning profile name, then generate.

5.6 Download the profile, done.

6. Upload certificates, profile to Tuya IoT Platform.

6.1 Open Tuya IoT Platform, click your App.

6.2 Click Set up certificates.

6.3 Upload your App distribution certificates, password, mobileprovision, and save.

image.png

image.png

Attention

  1. The push certificate is valid for 1 year. If it expires, the App push will be invalid.
  2. The developer account needs to renew each year, if not renewed in time, the App will be removed from application market
  3. Starting from April 2020, All App use third-party login function are required to use Sign in with Apple. See New Guidelines for Sign in with Apple
  4. Since v3.15, because of the third-party SDK update, Associated Domainsis required to build the App.