Create and Install Certificate and Provisioning Profiles for In-House Distribution

This tutorial is intended for beginner AppBuilder users who need to create a cryptographic identity for in-house distribution of Apple Watch bundles for the first time. You will learn:

  • The benefits and the limitations of using a cryptographic identity and provisioning profile for in-house distribution
  • How to create a certificate for production
  • How to create the required provisioning profile for in-house distribution of Apple Watch bundles
  • How to create a cryptographic identity for distribution in AppBuilder

This tutorial is applicable to:

  • The in-browser client
  • The classic Windows desktop client
  • The extension for Visual Studio
  • The command-line interface

To build and distribute your Apple Watch bundle to selected devices only, inside your company, you need a pair of matching cryptographic identity and provisioning profiles for in-house distribution. A cryptographic identity matches a provisioning profile, if both include the same Apple-signed certificate.

When you build and code sign an app with a pair of matching cryptographic identity and provisioning profiles for in-house distribution, you can distribute the app outside of the App Store. You can use an in-house cryptographic identity and provisioning profile to build and code sign private company apps. Private company apps might be apps that you want to provide only to colleagues and employees.

A pair of matching cryptographic identity and provisioning profile for in-house distribution provides the following benefits.

  • You can build and run your app on selected devices
  • You can distribute your apps privately
  • You can create private apps for distribution outside the App Store or inside a company

A pair of matching cryptographic identity and provisioning profile for in-house distribution has the following limitations.

  • You cannot publish your app in the App Store
  • You cannot debug on device apps that are built and code signed with the pair

Prerequisites

To complete this tutorial, you need to be enrolled in the iOS Developer Enterprise Program. To be able to create a new certificate for production, you must not have a production certificate. You need to be logged in the iOS Dev Center.

Step 1: Create a cryptographic identity

The cryptographic identity is a pair of matching public key certificate and private key. In AppBuilder, you can create a cryptographic identity or import an existing one. To create a new cryptographic identity, you need to complete a certificate signing request for an Apple-signed certificate.

Alternatively, if you want to use an existing cryptographic identity that you created earlier, you can import it.

Start by running AppBuilder to create a certificate signing request. Make sure you have stored the CSR file on your disk.

Next, create a certificate for production in the iOS Dev Center. Make sure you have downloaded the CER file on your disk.

Last, complete the certificate signing request in AppBuilder by uploading the CER file for your certificate. Your new cryptographic identity is added to the list.

You cannot upload your CER file if you do not have a pending certificate signing request that matches the request in AppBuilder.

Step 2: Obtain the provisioning profiles

Each provisioning profile is stored as a mobileprovision file. This file contains information about the identity of the app author, the identity of the app and its distribution purpose.

You can obtain a provisioning profile by exporting an existing one or by creating a new one.

To create an in-house distribution provisioning profile, you need an iOS App ID and one or more production certificates.

Start by registering the required App IDs for your app. If you want to use an already registered App ID, skip this step.

Not to be confused with the Telerik Platform App ID which is the unique identifier for your app in the Telerik Platform. For more information about the Telerik Platform App ID, see App Settings.

For Apple Watch bundles, you need to use an explicit App ID. With an explicit App ID, you can incorporate most of the Apple application services in your app. If your provisioning profile includes an explicit App ID, you cannot use it across multiple apps.

Complete this task by creating an in-house distribution provisioning profile for each Apple Watch bundle component and download the mobileprovision file on your disk.

Step 3: Add the provisioning profiles in AppBuilder

Repeat this for all components of the Apple Watch bundle: the host app, the watch extension and the watch app.

If you are an classic Windows desktop client user, run classic Windows desktop client, open your app and in the title bar, click your user name and select Options. In the Mobile tab, expand iOS, select Mobile Provisions, click Import and select the mobileprovision file from your disk.

If you are an in-browser client user, run in-browser client, open your app, click the cogwheel icon and select Options. Select iOSProvisioning Profiles, click Import and select the mobileprovision file from your disk.

If you are an extension for Visual Studio user, run Microsoft Visual Studio, open your app and in the main menu bar, click AppBuilderOptions. In the Mobile tab, expand iOS, select Mobile Provisions, click Import and select the mobileprovision file from your disk.

If you are an command-line interface user, in the command prompt, run the following command.

appbuilder provision import <File Path>

Where <File Path> is the complete file path to the mobileprovision file for your provisioning profile.

Next Steps

After configuring your pair of matching cryptographic identity and provisioning profile, you can build and distribute your app to selected devices.

Start a free trial Request a demo
Contact us: +1-888-365-2779
sales@telerik.com
Copyright © 2016-2017, Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved.