If you are on Windows, generating the required certificates for signing your iOS app can be a bit of a pain. OpenSSL is a utility that addresses everything needed to get the certificates generated and uploaded to your Apple Developer account.
First, download OpenSSL for Windows (you may need to download the accompanying VC++ redistributable pack as a prerequisite)
Follow the steps below to get to your p12 certificate
- 1. First , generate a PRIVATE KEY (needed to sign your certificate)
openssl genrsa -out privatekey.key 2048
- Next, use this key to CREATE a REQUEST for a certificate (a certificate request) C:\OpenSSL-Win32\bin>openssl req -new -key privatekey.key -out CertificateSigningRequest.certSigningRequest -subj “/emailAddress=youremailaddress/CN=Your iOS account name/C=US” (Note: You need a forward slash, not a comma, to separate the fields)
- Upload this request file to your iOS developer account. Apple will generate the certificate for you (this will be a .cer file). For production certificates for your iOS app, select the option ‘App Store and Ad-Hoc’
- Now you probably need a .p12 file instead of a .cer file. To go from .cer to .p12 is not difficult provided you still have your original privatekey saved.
4a) First go from .cer to .pem
cmd> openssl x509 -in ios_development.cer -inform DER -out ios_development.pem -outform PEM
4b) Go from .pem to .p12
cmd > openssl pkcs12 -export -inkey privatekey.key -in ios_development.pem -out ios_development.p12
Generating an ipa file
Now that you have your developer certificate in p12 format, you can use a build service like PhoneGap to create your redistributable app (.ipa) file. The PROVISIONING profile file that you obtain from your iOS Developer account will contain the DEVICES that the .ipa will run on. In other words, the .ipa is not yet publicly usable – it is restricted to the devices that you configure in your profile (developer profile on apple developer account).