iOS Code Signing

Apple requires that all executable code be signed using an Apple-issued certificate. Signing your apps with Apple-issued certificates is required to help ensure that the code has not been tampered with in any way and that it comes from a known and approved source.

Here is how the process works: to develop and install apps on Apple products, developers must first register with the Apple Developer Program. Once registered, Apple verifies the developer's identity, which can be either an individual or a business, and only then issues a certificate that will be used for developing, testing, distributing, and submitting apps to the App Store. This system ensures that all apps come from a known source.

There are two ways that can be used iOS code signing: manual and automatic.

• Manual iOS code signing works by providing a provisioning profile that is already created and specifying a Bundle Identifier. The provisioning profile should be compatible with the application and it should be created with appropriate certificate and devices if applicable.

• Automatic iOS code signing means Xcode the signing process for you. Once the 'Automatically manage signing' is enabled in your project's configurations, Xcode will create or update profiles and app IDs automatically.

Appcircle supports both automatic and manual signing methods, providing flexibility in your app signing process.

Automatic Signing: Appcircle handles provisioning profile management and app signing automatically during the build process.

Example: A development team enables automatic signing in their build configuration. Appcircle automatically manages certificates and provisioning profiles, streamlining the build process without manual intervention.

Manual Signing: For precise control over the signing process, you can manually select certificates and provisioning profiles.

Example: For an app with multiple targets and specific signing requirements, a developer opts for manual signing. They manually select the appropriate provisioning profiles and certificates for each target in Appcircle's build configuration, ensuring the app is signed correctly for enterprise distribution.

Apple Certificates are certificates issued by Apple that are used for signing your applications. Developers need to sign all applications using Apple Certificates to verify ownership, ensure that the code has not been tampered with, and confirm that it comes from a verified source.

Provisioning Profiles are files that contain a set of entities and entitlements allowing apps to be installed and tested on devices. They include information about the App ID, Certificate, and registered device details, and authorize your app to use specified app services.

There are multiple types of Provisioning Profiles (Development, Ad Hoc, etc.), and each profile should be paired with an Apple Certificate depending on its purpose. Common use cases include:

An Apple Development Certificate is used to sign apps so they can run on registered iOS, macOS, tvOS, or watchOS devices during development. You use it when building and running apps from Xcode on your own devices, enabling testing and debugging.

Example: A developer creates a new iOS app in Xcode and wants to run it on their iPhone for debugging. They create, fetch, or upload an Apple Development Certificate in Appcircle, store it securely in the centralized Signing Identities hub, and pair it with a development provisioning profile. This setup allows them to build, sign, and deploy the app directly to their iPhone from Xcode to test performance, fix bugs, and validate functionality in a real-world environment.

An Apple Distribution Certificate is used to sign apps for distribution outside of Xcode. You need it when submitting applications to the App Store, distributing through TestFlight, or creating Ad Hoc and Enterprise builds. Unlike development certificates, it’s intended for releasing apps to testers or end users.

Example: A developer finalizes their iOS app and prepares it for release. They create, fetch, or upload an Apple Distribution Certificate in Appcircle, then store it securely in the centralized Signing Identities hub and pair it with a distribution provisioning profile. This setup allows them to sign the app and either submit it to the App Store via Xcode or distribute it to testers through TestFlight.

An iOS App Development Certificate is used to sign development versions of iOS, tvOS, and watchOS apps so they can run on registered devices and access certain app services during development. The newer Apple Development Certificate includes everything the iOS certificate covers, with the addition of macOS, providing a single certificate type for all Apple platforms.

Example: A developer working only on an iOS app can use an iOS App Development Certificate to test it on their iPhone. For a project that also includes a macOS version, they can use an Apple Development Certificate to cover both platforms with a single certificate.

An iOS Distribution Certificate is used to sign iOS, iPadOS, tvOS, watchOS, and visionOS apps for submission to App Store Connect, TestFlight, or Ad Hoc distribution. It ensures that apps can be installed on designated devices for testing or submitted to the App Store. The newer Apple Distribution Certificate covers all of the same platforms plus macOS, unifying distribution under a single certificate type.

Example: A team preparing to release an iPhone app to the App Store uses an iOS Distribution Certificate to sign and submit it through App Store Connect. For a project that includes both iOS and macOS versions, they use an Apple Distribution Certificate to manage signing and distribution for all platforms with a single certificate.

A Development Provisioning Profile is required to run your app on real devices during development. It works together with an Apple Development Certificate (or an iOS App Development Certificate) to sign your app so it can be installed on registered devices directly from Xcode. This profile also enables the use of certain app services, such as Push Notifications or App Groups, while testing.

Example: A developer wants to test a new iOS app on their iPhone. In Appcircle, they fetch a Development Provisioning Profile from the Apple Developer Portal and pair it with their Apple Development Certificate. This allows them to build, sign, and deploy the app from Xcode to their device for debugging and real-world testing.

An Ad Hoc Provisioning Profile is used to distribute apps outside the App Store or TestFlight, directly to specific devices for testing. It must be paired with an Apple Distribution Certificate (or an iOS Distribution Certificate) to sign the app. With this profile, you can share the app with testers, but only on devices whose UDIDs are registered in the Apple Developer Portal. The limitation is that the devices must be predefined, which can be restrictive for larger teams or external testers.

Example: A QA team wants to test an iOS app on a group of devices before submitting it to the App Store. The developer creates an Ad Hoc Provisioning Profile in Appcircle, pairs it with an Apple Distribution Certificate, and registers the testers' device UDIDs through Appcircle's device registration feature. This setup allows the signed app to be installed directly on those devices for real-world testing without using TestFlight.

An App Store Provisioning Profile is used when distributing apps through the App Store. It must be paired with an Apple Distribution Certificate (or the older iOS Distribution Certificate) to sign the app. Unlike Ad Hoc profiles, you do not need to specify device UDIDs. Once approved, the app can be downloaded and installed by any user from the App Store.

Example: A developer is ready to release their iOS app publicly. In Appcircle, they create or fetch an App Store Provisioning Profile and pair it with an Apple Distribution Certificate. This setup allows them to sign the app and submit it to App Store Connect for review and distribution.

An In-House Provisioning Profile is used to distribute apps internally within an organization without going through the App Store or TestFlight. It must be paired with a Distribution (Enterprise) Certificate, which Apple issues only to organizations enrolled in the Apple Developer Enterprise Program, typically those with more than 100 employees. With this profile, there is no need to register device UDIDs, but apps can only be used for work purposes by employees of the enterprise. Apple may revoke the certificate at any time if the program agreement is violated.

Example: A large company wants to distribute a custom iOS app to its employees for internal use. The team creates an In-House Provisioning Profile in Appcircle and pairs it with a Distribution (Enterprise) Certificate. Using Appcircle’s Testing Distribution or Enterprise App Store module, they deploy the signed app securely across employee devices without submitting it to the App Store.

When a certificate or provisioning profile is created, Apple automatically issues an expiration date, typically one or two years depending on the type. Once expired, they can no longer be used to sign apps, which can disrupt both development and distribution. To avoid interruptions, expirations should be tracked carefully and renewals performed in advance.

Appcircle simplifies this process by helping you manage expirations and handle renewals directly on the platform. Certificates and provisioning profiles can be renewed seamlessly, ensuring that apps continue to build, sign, and deploy without disruption.

Example: A team is preparing their iOS app for App Store submission when they receive a notification from Appcircle that their App Store provisioning profile is about to expire. Using Appcircle, they renew it in advance, which updates the Apple Developer Portal automatically. As a result, the renewed credentials are applied to future builds, and the team continues their development and release process without interruption.

After updating provisioning profiles, applications must be re-signed to reflect the changes. Appcircle automates the re-signing process, ensuring your app can be installed on devices registered after the initial build.

Example: A new test device is added to the provisioning profile. The developer uses Appcircle's Re-sign Binary feature to automatically re-sign the app binary with the updated profile. The app is then distributed to all registered testers, including those with newly added devices.