Code signing for iOS
Important
Visual Studio App Center is scheduled for retirement on March 31, 2025. While you can continue to use Visual Studio App Center until it is fully retired, there are several recommended alternatives that you may consider migrating to.
iOS apps must be signed to run on real devices. In App Center, this process requires uploading valid signing files generated using Apple's code signing process. You must be able to successfully sign a valid app package locally before attempting to in App Center.
Signing files
Warning
App Center doesn't support signing files with special characters or symbols in the name. For example, accented characters like Ç, Ã or symbols like /.
Certificates (.p12)
- Apple Development: Used to enable certain app services during development and testing.
- Apple Distribution: For submission to the App Store, Ad Hoc or Enterprise distribution.
Provisioning Profiles (.mobileprovision)
- Apple App Development: Install development apps on developer test devices.
- Ad Hoc: Install an app on a limited number of registered devices.
- App Store: Required for submitting your app to the Apple App Store.
- In-House: for In-House app distribution (the profile is only available via the Apple Enterprise program).
Code signing for app and watchOS extensions
Upload an additional provisioning profile for each app extension in your app. Provisioning profiles must be of the same type.
Uploading Signing Files
Important
Make sure the signing assets you upload are those you intend to sign the app with. The bundle identifier and team ID in your app will be overwritten by the signing assets.
To sign your iOS builds, upload a provisioning profile (.mobileprovision
) and your certificate (.p12 file
) when configuring the build, along with the password you've set for the certificate. These files can be found in the Apple Developer Center, under Certificates, IDs & Profiles.
Finding provisioning profiles
Option 1 - Getting a provisioning profile (.mobileprovision) from Apple Developer Center
- On the Certificates, IDs & Profiles page, click on Profiles.
- Pick the provisioning profile for signing your app in App Center and download it. Make sure to select the right type of profile (development or distribution).
- After saving the provisioning profile locally (in a
.mobileprovision
file), you can upload it to App Center when configuring a branch.
Option 2 - Getting a provisioning profile (.mobileprovision) automatically generated by Xcode
Note
When Automatically manage signing is enabled in the target of your project, it's possible to upload the developer provisioning profile generated by Xcode instead of one from the Apple Developer Portal. Adding new devices to the Xcode managed profile requires physically connecting the device to your Xcode machine, so this option prevents App Center from registering devices and re-signing apps for you.
- Enable the automatic signing option in Xcode. Refer to setting up Xcode to automatically manage your provisioning profiles
- Push the project's changes into your repository.
- Get the generated provisioning profile from
~/Library/MobileDevice/Provisioning Profiles/
- Upload the new provisioning profile Xcode has generated to App Center when configuring a branch.
Getting a certificate from Apple Developer Center (.p12)
- On the Certificates, IDs & Profile page, click on Certificates.
- Select the certificate to be used for signing your app in App Center and download it. Make sure to select the right type of certificate (development or production) and that the provisioning profile you've previously selected contains this certificate. Also, you need the private key for the certificate installed on your Mac - it isn't included if you just download the certificate from the Apple Developer Center, you must open the downloaded certificate.
- After you've downloaded the certificate, locate it on your Mac and open it. This opens the "Keychain Access" app.
- If the correct certificate isn't selected in "Keychain Access", select "My Certificates" on the left, and locate the certificate you've downloaded.
- Expand the certificate to see the corresponding private key.
- Select the certificate and private key, then right-click for the context menu on the items and choose "Export 2 items…".
- Pick a location on disk to save the file as a
.p12
– it's recommended to use a strong password for the file. - After exporting the provisioning profile locally, you can upload it to App Center when configuring a branch.