Skip to main content
LinkedIn
Copied!

Table of Contents

Signing iOS apps locally

Version:

Only available versions of this content are shown in the dropdown

Follow your company policies and ensure that you do not expose your iOS certificates and provisioning profiles in third-party platforms, by signing your iOS apps locally.

For example, your company's internal audit policies might prevent your from uploading the iOS code signing certificates and provisioning profiles to Pega Platform. In such situations, generate an unsigned iOS app bundle in Pega Platform and then sign it on your local macOS computer.
Prepare the framework for signing your iOS app locally:
  1. Use a computer with the macOS operating system.
  2. Obtain a signing certificate and a provisioning profile. For more information, see Obtaining a signing certificate for iOS apps and Obtaining a mobile provisioning profile for iOS apps.
  3. Install the free Xcode application from the App Store, and then, in the Terminal application, install the command line tools by entering xcode-select --install
  4. Create an unsigned certificate set. For more information, see Creating an unsigned iOS certificate set.
  5. Generate an unsigned xcarchive bundle, and then download it to your computer. For more information, see Generating installation packages.
  1. Place the zipped xcarchive bundle, the .p12 file with the certificate, and the .mobileprovision file in the same folder.

    The folder has the following structure:
    • MyUnsigned.xcarchive.zip
    • ios-certificate.p12
    • ios.mobileprovision
  2. Open the Terminal application, and then navigate to the folder with your files.

  3. Extract the zipped xcarchive bundle.

    Enter unzip MyUnsigned.xcarchive.zip -d MyUnsigned.xcarchive
  4. If the bundle already contains a code signature folder, remove the existing code signature.

    Enter rm -rf MyUnsigned.xcarchive/Products/Applications/MyUnsigned.app/_CodeSignature/
  5. Copy your provisioning profile to the extracted xcarchive folder.

    Enter cp ios.mobileprovision MyUnsigned.xcarchive/Products/Applications/MyUnsigned.app/embedded.mobileprovision
  6. Provide the App ID entitlements that are required for signing the app:

    1. Create a new text file.

    2. Insert the following template in the file, and then replace the TEAM_ID and BUNDLE_ID placeholders with values that match your App ID configuration:

      <?xml version="1.0" encoding="UTF-8"?>
      <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
      <plist version="1.0">
      <dict>
      	<key>application-identifier</key>
      	<string>TEAM_ID.BUNDLE_ID</string>
      	<key>aps-environment</key>
      	<string>production</string>
      	<key>com.apple.developer.team-identifier</key>
      	<string>TEAM_ID</string>
      	<key>get-task-allow</key>
      	<false/>
      </dict>
      </plist>
    3. Save the file as entitlements.plist in the folder with your other files.

      The folder has the following structure:
      • MyUnsigned.xcarchive.zip
      • MyUnsigned.xcarchive
      • ios-certificate.p12
      • ios.mobileprovision
      • entitlements.plist
  7. At the command prompt, import your certificate from the .p12 file to the Keychain application.

    Enter open ios-certificate.p12
  8. At the password prompt, enter your password certificate.

  9. Optional:

    To review the signing identity, enter the following command: security find-identity

  10. Sign the code of your app.

    Enter codesign -f -s <signing identity> --entitlements entitlements.plist MyUnsigned.xcarchive/Products/Applications/MyUnsigned.app/
  11. Open the xcarchive file in Xcode.

    Enter open MyUnsigned.xcarchive
  12. In Xcode, ensure that your archive is highlighted, and then click Distribute App.

    Xcode launches a flow that signs your app and exports it as an .ipa file.
  13. Complete the app signing and export flow:

    1. Select the preferred method of distribution, and then click Next.

    2. Select the distribution options for your app, and then click Next.

    3. Select the certificate and provisioning profile that you want to use, and then click Next.

    4. Review the summary of the app signing flow, and then click Export.

    5. Choose the folder in which you want to save your iOS App Store Package file, and then click Export.

An .ipa file with your app is now available in the chosen folder. You can launch the app and distribute it to your users.
Suggest Edit
Did you find this content helpful?

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us