When I first started developing with Sencha Touch and PhoneGap on my Windows machine I was ecstatic to learn that I could create iOS applications without a Mac and XCode. This enthusiasm would later be crushed when I attempted to actually put the application on my phone, and learned of the various certificates, profiles and other required files that I had never heard of.
I scoured the internet and most of the information I found lead me to believe the only way to to generate these files was with a Mac and XCode, until I came across OpenSSL. I’m going to provide a step by step walk through for creating a provisioning profile and a p12 file using Windows and OpenSSL. I’m assuming you have already registered as an Apple developer and have access to the developer portal.
First up, you’re going to have to install OpenSSL. You can download it and follow the instructions on this website: http://www.openssl.org/related/binaries.html
1. Generate a certificate signing request
Open up a command terminal (make sure to run it as an administrator) and change your working directory to the directory of the bin folder of the OpenSSL installation. In my case that is:
2. Now you can create your private key with the following command:
openssl genrsa -out keyname.key 2048
This will generate a file called keyname.key in the bin folder. You can of course substitute a different name for keyname if you wish. Keep this file where it is for now.
3. Run the following command to create a certificate signing request:
openssl req -new -key keyname.key -out CertificateSigningRequest.certSigningRequest -subj "/[email protected], CN=Your Name, C=AU"
Change the command to suit your details, if you changed the private key to something else make sure to reflect that here. The “C=AU” portion indicates the country code, you could replace this with US if you are from the United States for example.
2. Generate a development or distribution certificate
1. Log into the iOS Developer Portal and go to the Certificates, Identifiers & Profiles section.
2. Under iOS Certificates click the add button and then select iOS App Development (or if you are ready to release, choose the Production App Store and Ad Hoc option).
3. Click continue until you arrive at a page that gives you the option to upload your Certificate Signing Request. This file is located in the bin folder of OpenSSL along with your private key, locate and then upload it.
4. If this is successful you should be given the option to download the resulting iOS Development Certificate. Download the certificate and save it in the OpenSSL bin folder along with the other two files.
3. Create an App ID
1. Go to the App IDs section under Identifiers and click on the add button. Fill out the details in this section and then click continue, your application should now be listed under App IDs.
4. Add Devices
1. Next up you’ll need to add the device or devices you want to install the application on. Go to the Devices section and click on the add button again.
2. Add the name and the UDID of the device(s) you want to install the application on. To get this information you can plug your device into the computer and open up iTunes, open your device in iTunes and locate your Serial Number – this is not the number you need. Once you have located the Serial Number, click on it. This will reveal the UDID of the device.
5. Create a Provisioning Profile
1. Once you have finished adding any devices you want, you can proceed to the Provisioning Profiles section and once again click the add button in the top right.
2. Choose iOS App Development (again, if you are ready to release the app choose the App Store option under distribution instead) and click continue.
3. Choose the certificate you just created and click continue.
4. Now select any devices you want the application to run on and click continue. Name the provisioning profile and click Generate.
6. Create a .p12 file
Congratulations! You can now download your provisioning file, once again save it in the same OpenSSL\bin folder. Now all that is left to do is create the P12 file.
1. Once again, run a command prompt as an administrator, change your directory to OpenSSL\bin and run the following command:
openssl x509 -in developer_certificate.cer -inform DER -out app_pem_file.pem -outform PEM
Replace ‘developer_certificate’ with the name of the certificate you just created and if you wish you can change ‘app_pem_file’ to whatever you wish.
2. Now you’ll need to use the file you just generated to run the following command:
openssl pkcs12 -export -inkey keyname.key -in app_pem_file.pem -out app_p12.p12
You will be prompted for a password, create one and remember or store it somewhere – you’ll need this when you want to sign apps with it.
BONUS CONTENT: Too many commands to remember? Download a command cheat sheet for next time
That’s it! I hope this helps and if you’re having any trouble feel free to post a comment.