MobiOne Logo

iOS Application Provisioning Requirements

 

Contents

 

1. Introduction

In this tutorial you learn how to create the digital signing and provisioning data files required to build and install an iOS application for distribution in the iTunes AppStore or for testing on a set of iOS devices. The four data files created are:

Certificate Signing Request (CSR) file
The certificate signing request is a temporary file you submit to Apple when you request a digital certificate. This file includes a public encryption key that is matched with the private key file that you will create using MobiOne's Digital Signing Utility.

Private Key file
The private key (PK) file is created at the same time as the CSR file. It is used in the MobiOne application build process to encrypt the key file. This file should be kept safe and private.
Digital Certificate file
An iOS application must be digitally signed with a valid digital certificate provided by Apple in order for it to install and run successfully on an iOS device. This file includes the public encryption key provided by the CSR file.

Provision Profile file
In addition to a digital signature, an application be installed and run only on iOS devices configured with a provision profile (e.g., distribution.mobile-provision) that authorizes the application. A provision profile is a document that lists the digital certificates, the devices, and the IDs of the applications that are allowed to operate on a device.

Back to Contents

 

1.1 Apple iOS Developer Program Membership Requirement

A membership in the Apple iOS Developer Program is required to access the iOS Provision Portal, a data creation service used in this tutorial. Visit developer.apple.com/programs/ios to learn about the  program benefits and cost.

Note: There is a cost from Apple for an iOS Developer Program membership.

Back to Contents

 

2. Creating a Digital Certificate and Private Key

To begin the provisioning process, you will create a private key file (PK) and certificate signing request file (CSR) using the MobiOne Digital Signing Utility. These files are generated simultaneously by the utility, and then you download each file to your computer. The PK file is used later in the MobiOne application build process. You will then submit the CSR to the iOS Provisioning Portal as input to the digital certificate request process. Lastly, when the Provisioning Portal creates the new certificate, you download the digital certificate file and store it with the PK file.

Back to Contents

 

2.1 Creating a Folder for Storing Provisioning Data

Please Read - Before generating any files, here is a little housekeeping advice. Always create a new folder into which all files created in this tutorial are downloaded and saved. It is critical that you never mix different versions of the private key, certificate and provisioning profiles files. Doing so results in errors when you attempt to use the data in the application build process or when installing an application on an iOS device.

Back to Contents

 

2.2 Generating Certificate Signing Request and Private Key Files

The first step is to use the MobiOne Signing Data Utility to create certificate signing request and private key files, which you will then download to your development machine. The certificate signing request file is named certificate-request.csr and is submitted to the iOS Provisioning Portal when you request a new digital certificate from Apple in Section 2.3. The private key (private.key) file is required for building an iOS application.

Note: The process of generating certificate request and private key files needs to be done only once. The private key (.key) file you generate must be paired with the certificate file you receive from Apple; therefore, do not lose this file.

  1. Using your web browser, access the MobiOne Digital Signing Utility at http://mobionesigning.appspot.com.
  2. Click the Generate button to create both the certificate request file and private key file.
    3. Generating the certificate request and private key files
  3. Click the Download button for each of the files, and save them to the new folder you created in Section 2.1. You will access these files later in the provisioning process.
    4. Downloading the generated files

Back to Contents

 

2.3 Requesting a Digital Certificate

In this step you create and download a digital certificate for use in distributing applications either to the App Store or to registered iOS devices.

  1. In the iOS Provisioning Portal (login required), click Certificates in the left navigation panel, and click the Distribution tab.
  2. Click the Request Certificate button. A page appears that presents instructions for creating a certificate request file. You can ignore these instructions; MobiOne has already provided you with a certificate request file in Section 2.2.
    3. Requesting a certificate
  3. Scroll to the bottom of the page, click the Browse button, navigate to the certificate-request.csr file created and downloaded in Section 2.2, and click Submit. Apple receives the request and will supply you with a certificate file, typically in 1-2 minutes.
  4. When the request is approved, click the Download button to download the certificate ( distribution.cer) file. Save the certificate file to the same folder containing the private.key file created in Section 2.1.  This file is required for MobiOne to build your iOS application.
    5. Downloading the certificate file

Back to Contents

 

3. Creating a Provisioning Profile

A provisioning profile authorizes an application to be installed and run on an iOS device. Provisioning profiles are created and configured from the Provisioning Portal. In this tutorial, you will create an ad hoc distribution profile. Such a profile enables an application to be installed for testing purposes from either your local iTunes application or wirelessly, a.k.a., over the air.

3.1 Adding Devices

When creating an ad hoc distribution profile, you must first identify the iOS devices for which the profile applies. Do this by using the Provisioning Portal to register iOS devices by their Unique Device Identifier (UDID). Before registering a device, you must first retrieve its UDID.

Retrieving a Device UDID Using iTunes

  1. Connect the device to iTunes, and select the device in the Device list. The Summary page opens.
  2. Click the serial number to reveal the UDID.
    3. Retrieving the UDID from iTunes

Note: Several free apps are available that retrieve and email your UDID to you. If you prefer this method, one suggestion is UDID Lite.

Adding a Device

  1. Click Devices in the left navigation panel, and click the Add Devices button.
    2. Adding a device
  2. Enter a name for the device, enter the UDID, and click Submit.
    3. Entering the UDID

    When you submit, the device appears in the device list.

    Registered device

Back to Contents

 

3.2 Creating App IDs

Applications authorized by a provision profile must have bundle IDs that match the profile's App ID. App IDs are created using the Provisioning Portal. The recommended naming convention for App ID strings is to use a reverse-domain name with the app specific ID appended as the last segment, e.g., com.genuitec.myapp. An App ID can end with the optional * wildcard character. Wildcard App IDs match all application bundle IDs that share the same prefix before the app ID * char. Example wildcard App IDs include com.genuitec.* and *.

For simplicity, the example in this tutorial uses a full wildcard * App ID.  Profiles configured with a full wildcard App ID will authorize all applications. You can read more about App IDs on the Provisioning Portal website.

  1. Click App IDs in the left navigation panel, and click the New App ID button.
    2. Creating a new App ID
  2. Enter a name and an identifier. In the example below, the identifier is the full wildcard *. Click Submit.
    3. App ID details

    When you submit an App ID, it appears in the App ID list. Apple adds a 10-digit unique identifier prefix to the App ID string you entered as shown below, e.g., QQR7LUCM6C.*

    App ID list

Back to Contents

 

3.3 Configuring a New Provisioning Profile

The final step is to create a new provisioning profile and download it for use in building your iOS application with MobiOne. In step 3 below, you have the option to create either an App Store distribution profile or an Ad hoc distribution profile.

Note: This tutorial presents the creation of an Ad hoc distribution profile because this type of profile is required to install your application on local devices for testing. When your application is complete and you are ready to distribute it through the App Store, repeat this process to create a new provisioning profile. In step 3, choose the App Store distribution option.

  1. Click Provisioning in the left navigation panel, and click the Distribution tab.
  2. Click the New Profile button.
    3. Creating a provisioning profile
  3. Select the method you want to use for distributing your application. This example uses Ad Hoc for distributing to specific registered devices for testing. If you are distributing to the App Store, select the App Store option.
  4. Enter a descriptive name for the profile, select the app ID you want assigned to the profile, and select the devices allowed to run applications using this profile. Because this example uses the fully wildcarded App ID, the profile is named UnrestrictedAdHocDistribution for easy recognition.

    5. Note: If you selected the App Store distribution method, you do not need to select any devices.

    Provisioning profile details
  5. Click Submit. The provisioning profile list displays the new profile with a status of "Pending."
    6. Pending profile

    When the status becomes "Active," click the Download button, and save the downloaded profile file (.mobile-provision) to the folder containing the certificate and private key files.

    Downloading the provisioning profile file

    Now that you have the digital signature and provision files required for distributing iOS applications, you can build an application using MobiOne. See Building an iOS Application for more information.

Back to Contents

 

4. Where Do I Learn More about MobiOne Studio?

The MobiOne online Learning Center site provides documents, tips, tutorials and videos to help answer your questions. Remember to check the Learning Center site for new and updated material.