Certificates, iOS , Apple and Windows

If you are on Windows, generating the required certificates for signing your iOS app can be a bit of a pain. OpenSSL is a utility that addresses everything needed to get the certificates generated and uploaded to your Apple Developer account.

First, download OpenSSL for Windows (you may need to download the accompanying VC++ redistributable pack as a prerequisite)


Follow the steps below to get to your p12 certificate

  1. 1. First , generate a PRIVATE KEY (needed to sign your certificate)
    openssl genrsa -out privatekey.key 2048
  2. Next, use this key to CREATE a REQUEST for a certificate (a certificate request)                                                                                                                                                                                                                                                                                                                                                                     C:\OpenSSL-Win32\bin>openssl req -new -key privatekey.key -out CertificateSigningRequest.certSigningRequest -subj “/emailAddress=youremailaddress/CN=Your iOS account name/C=US”  (Note: You need a forward slash, not a comma, to separate the fields)
  3. Upload this request file to your iOS developer account. Apple will generate the certificate for you (this will be a .cer file). For production certificates for your iOS app, select the option ‘App Store and Ad-Hoc’
  4. Now you probably need a .p12 file instead of a .cer file. To go from .cer to .p12 is not difficult provided you still have your original privatekey saved.

  4a) First go from .cer to .pem
   cmd> openssl x509 -in ios_development.cer -inform DER -out ios_development.pem -outform PEM  
  4b) Go from .pem to .p12
  cmd > openssl pkcs12 -export -inkey privatekey.key -in ios_development.pem -out ios_development.p12

Generating an ipa file

Now that you have your developer certificate in p12 format, you can use a build service like PhoneGap to create your redistributable app (.ipa) file. The PROVISIONING profile file that you obtain from your iOS Developer account will contain the DEVICES that the .ipa will run on. In other words, the .ipa is not yet publicly usable  – it is restricted to the devices that you configure in your profile (developer profile on apple developer account).

Cloud Advisory Services | Security Advisory Services | Data Science Advisory and Research

Specializing in high volume web and cloud application architecture, Anuj Varma’s customer base includes Fortune 100 companies (dell.com, British Petroleum, Schlumberger).

All content on this site is original and owned by AdverSite Web Holdings, Inc. – the parent company of anujvarma.com. No part of it may be reproduced without EXPLICIT consent from the owner of the content.

Anuj Varma – who has written posts on Anuj Varma, Technology Architect.

1 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *