To create a test version of the app that can be easily distributed within your organisation, it is necessary to have an account on the Apple Developer Enterprise Program, for which you can enroll on developer.apple.com/programs/enterprise.
This article explains how to create the following certificates:
- In-House certificate - Apple requests that the apps are signed with a valid in-house certificate. You can sign all your apps with a single certificate.
- Bundle ID - The Bundle ID is used to identify the app.
- Provisioning profile - The provisioning profile saves the configuration of the apps for different devices and must be used together with the in-house certificate and bundle ID to sign the app.
The following steps must be performed on a Mac OS machine, as the Keychain application is used to create the certificates. The files will be used in the Sign step while building the app.
Log in to your account on the Apple Developer Enterprise Program at developer.apple.com. After being logged in, choose Account on the top menu bar, and then select Certificates, Identifiers & Profiles, either from the main page or from the menu on the left.
To distribute the app within your organisation as a test version, an in-house distribution certificate must be created. A .p12 file contains the certificates necessary to sign the app during its construction. This certificate is valid for nine months and can be used for all your apps.
On the page Certificates, Identifiers & Profiles, select Certificates from the menu on the left. In the top-right corner, click the plus button to create a new Distribution Certificate.
When prompted about the type of certificate you need, choose In-House and Ad Hoc under the Software section.
You will be redirected to a page to upload a Certificate Signing Request (CSR), which you can learn how to create in this link. Open the Keychain application (available on any Mac OS) and follow the steps described on the page. A file with the extension .certSigningRequest will be saved to your computer.
Upload the generated .certSigningRequest and click Continue. Now your certificate is ready and you can download to your computer a file named ios_distribution.cer.
Open the ios_distribution.cer file. It will be automatically added to the Keychain application, and you should be able to see it on the list as iPhone Distribution: <your Apple account name>. Right click the row and select Export iPhone Distribution: [...]. You can now save a .p12 file to your computer. During the export, you will be asked for a password. If you don't want to set one you can leave the fields empty and click OK.
It is good practice to add 'inhouse' at the end of the file name, to easily distinguish the inHouse certificate from the distribution one. You can, for example, name your file App Name + InHouse without spaces.
This file will be used while building the app. You will have to upload it on the Sign step, at the 'Test version p12 file' field.
The Bundle ID is used by Apple to identify the app. Each app needs to have a unique Bundle ID.
On the page Certificates, Identifiers & Profiles, from the menu on the left, choose Identifiers section. On the iOS App IDs page, click the plus button on the top right corner to create a new app ID.
Select App IDs and click on Continue:
The fields must be filled in as it follows:
- App ID Description - Name: the name of your app
- App ID Suffix: select the Explicit App ID option. For the Bundle ID, Apple recommends using a reverse-domain name style (for example, if your website is conferences.cc, the Bundle ID should be cc.conferences.myappinhouse. It is good practice to add 'inhouse' at the end of the file name, to easily distinguish the inHouse certificate from the distribution one.
- App Services: The services to be used by the app. You must enable the Associated Domains service.
Click Continue, check all the information entered and then click to Register the app. Now your app should appear on the list of iOS App IDs.
The app needs to be configured to launch on devices and use services, and this process is called Provisioning. These configurations are saved in the provisioning profile, which exports to a file with extension .mobileprovision. This file is combined with the certificates and bundle ID to sign the app.
On the page Certificates, Identifiers & Profiles, select Profiles on the left menu. Click the plus button to create a new provisioning profile.
When prompted about the type of certificate you need, choose In House under the Distribution section.
On the next screen, select the App ID that is going to use the provisioning profile and click Continue. On the following screen, select the distribution certificate, the one you created on the first step. Keep in mind that the certificate selected in this step should be used together with the provisioning profile when building the app. On the last step, enter a name for the provisioning profile. You can for example use the name of the app, followed by _inHouse. Don't use spaces your special characters in the name.
Click Continue and download the file to your computer. You will need it when building the app.