Creating Apple Provisioning Profiles

By Paulus, 24 June, 2012

Prerequisites

  • $99 Apple Developer account
  • If you are on a team, then you need to be either an Admin or a Team Agent.
  • Test Device with it's UUID
  • App ID
  • Developer Certificate (and Provisioning Profile)
  • Distribution Certificate (and Provisioning Profile)

Adding a Device to the Provisioning Portal

In order to create a Provisioning Profile you need to add a device to the account. To do this, the UUID must be obtained. This UUID is a 40 character hex number which can be found one of two ways. The first being through Xcode's device manager. 

  1. Connect an iOS device to your Mac. 
  2. Open up the Organizer (Window -> Organizer)
  3. Click on the Devices icon at the top of the screen. 
  4. The iOS device will be listed in the left pane.
  5. control+click and select Add Device to Provisioning Portal (you can also copy the identifier which is the UUID of the device, and add it in the portal, shown below.) Apple only allows 100 devices to be added to an account.

When you log into your developer account, you will see the iOS Provisioning Portal

Once you've accessed the Provisioning Portal click on the link in the left hand navigations labeled Provisioning and then click on New Profile

Below you can enter the Device Name and the 40 hex character Device ID

Creating an App ID

An app ID is a string to identify your app, or set of apps. This ID is used to specify which apps are authorized to be signed and launched.  The app ID has two parts, the bundle seed which is your team ID and the second a string which is typical in a reverse-domain-name style string. Once you start associating provisions to an app, the bundle name should not be changed or else you will need to generate a new app ID, and in turn generate new developer and distribution provision profiles.

Apple allows you two types of app IDs, the forementioned type being a static app ID, and a wildcard app ID. The Wildcard app ID only uses the team ID (bundle seed) followed by an astrex (*)

Static App ID: 12345ABCDE.com.paulusworld.mobileapp
Wildcard App ID: 12345ABCDE.*

The most important difference between a static app ID and a wildcard app ID is that with a wildcard, you can't use push notifications, in-App purchases, iCloud, and Game Center.

  1. Log in to the Provisioning Portal
  2. Click on App IDs in the left navigation.
  3. Click on the button that says New App ID
  4. Give the new app ID a descriptive name and a bundle identifier.

Obtaining a Development and Distribution Provisioning Profile

 

To obtain a development certificate, substitute clicking on the tab labeled Distribution with Development in step 4.

  1. Log into iOS Developer account
  2. Go to the Provisioning portal
  3. click on Certificates on the left hand navigations
  4. Then click on the tab labeled Distribution, and click the button labeled Request Certificate

    There are two ways one can achieve this, the first being through Xcode, the other through the portal. 
    1. To create the certificate through the portal:
      1. Generate a Certificate Signing Request (CSR) with a public key
        1. Open Keychain Access program
        2. Choose Keychain Access > Certificate Assistant > Request a Certificate from a Certificate Authority
        3. In the Certifcate Information window, enter or select the following information:
          1. User Email Address
          2. Common Name - your name
          3. Request is group
          4. Saved to disk option is checked.
          5. Click Continue
        5. The Certificate Assistant saves a Certifcate signing Request (CSR) file to your Desktop
        6. The public/private key pair will be generated when you create the Certificate Signing Request (CSR) if you use the Key Chain Assistant to create the CSR.
      2. Submit the CSR through the Provision Portal to the Admin for approval.
        1. Click the Distribution tab
        2. Upload the certificate by choosing the file
        3. Click Submit
      4. You will be notified by email when your CSR has been approved or rejected.
    2. Through Xcode
      1. Open Devices Organizer (Window -> Organizer)
      2. Select Provisioning Profiles in the Library Section
      3. Click the Refresh Button at the bottom of the window
      4. Enter the user name and password and click Log in. After you log in to your account, a prompt appears, asking whether Xcode should request your distribution certificate.
      5. Click Submit Request.
      6. If a prompt appears, at the end of the refresh process, asking if you want to export your developer profile, click Export.
    4. Click on Provisioning in the left navigation
    5. Click the tab labeled Distribution
    6. click the button that says New Profile
    7. Fill in the Distribution Provision form

    If you lost the private key for the distribution certificate, then you will need to revoke the certificate and create another one. I found that not using Xcode to generate the Distribution certificate worked a lot better because for some reason, the private key was not being created.