So you have finished your app and tested it on the simulator. Everything looks good. You’re now ready to proceed with testing on your iPhone. You select the “Send iOS Debug Build” menu item and wait for the build server to work its magic, but then you’re faced with a notice that iOS builds require a valid certificate and provisioning profile. What a hassle!
If you’ve done any iOS development (not just Codename One) I’m sure you’ve hit this speed-bump before. You can’t just test your app on your iPhone. You have to jump through a series of hoops imposed by Apple before you get the privilege of testing your app on your phone. You need to create an App ID with the necessary permissions, generate a certificate signing request, download your certificates, generate mobile provisioning profiles to register your iPhone to be able to test your app. And finally, you have to export your certificates into a format that can be used in Codename One. If you have a Mac, this process is annoying at best. If you don’t, then this process might be your show-stopper.
Personally, I find the iOS certificate process to be the single most painful part of app development. That is why I’m happy to announce that the next version of the Codename One plugin will include a wizard that generates all of these things for you with just a few mouse clicks.
How it works
To generate your certificates and profiles, simply open your project’s properties, and click on “iOS” in the left menu. This will show the “iOS Signing” panel that includes fields to select your certificates and mobile provisioning profiles.
If you already have valid certificates and profiles, you can just enter their locations here. If you don’t, then you can use the new wizard by clicking the “Generate” button in the lower part of the form.
Logging into the Wizard
After clicking “Generate” you’ll be shown a login form. Log into this form using your iTunes Connect user ID and password. NOT YOUR CODENAME ONE LOGIN.
image::/img/blog/ios-cert-wizard-2-login.png[Wizard login form]
Once you are logged in you will be shown a list of all of the devices that you currently have registered on your Apple developer account.
Select the ones that you want to include in your provisioning profile and click next.
If you don’t have any devices registered yet, you can click the “Add New Device” button, which will prompt you to enter the UDID for your device.
Decisions & Edge Cases
After you click “Next” on the device form, the wizard checks to see if you already have a valid certificate. If your project already has a valid certificate and it matches the one that is currently active in your apple developer account, then it will just use the same certificate. If the certificate doesn’t match the currently-active one, or you haven’t provided a certificate, you will be prompted to overwrite the old certificate with a new one.
The same “decisions” need to be made twice: Once for the development certificate, and once for the Apptore certificate.
App IDs and Provisioning Profiles
The next form in the wizard asks for your app’s bundle ID. This should have been prefilled, but you can change the app ID to a wildcard ID if you prefer.
Installing Files Locally
Once the wizard is finished generating your provisioning profiles, you should click “Install Locally”, which will open a file dialog for you to navigate to a folder in which to store the generated files.
Building Your App
After selecting your local install location, and closing the wizard, you should see the fields of the “iOS Signing” properties panel filled in correctly. You should now be able to send iOS debug or Appstore builds without the usual hassles.
This wizard is just the next step in our mission to simplify the app-development process. In the next while we’ll be rolling out more features like this. Some planned features include push certificate generation and Appstore uploads. If there are particular aspects of the app development and deployment process that you still find cumbersome, make sure to let us know so we can work on finding solutions.
If you want to see the wizard in action, you can check out this 2 minute screencast.
Great work, guys! I’ll try this out in the coming weeks
Why do we have to select devices? Is that for testing purposes only?
Yes. Apple allows running on up to 100 devices and you need to add them to your account as testers.
After selecting my device and clicking on Next I get an error saying that my session has expired and I should login again? See pic attached
Not sure yet what would cause that. If you log into your Apple developer account are there any pending agreements that you have to agree to? Are you able to access the “create certificate form” in your apple developer account? Also, does your account have multiple teams? (i.e. when you log into apple developer to you need to select a team?)
Actually I have just made some fixes to the wizard. Please try again and it should work.
It wooorks! Amazing, takes just 2 seconds. Congrats on an amazing job for the community! 🙂
This is a great achievement. Well done CodeNameOne team
That’s fantastic! Especially if you are developping on Windows, certificate creation was such a pain! Very well done!
If I could also do the appstore upload from the Codename One plugin as planned, then I could finally cease using MacInCloud again.
That would be an even better enhancement than the certificate wizard, because I do a lot more uploads than I need to create certificates!
It was something we wanted to add but the deployment complexity is far bigger.
I want it too since that’s pretty much the only reason to own a Mac and we have at least the rudimentary understanding of how to do that.
I tried the wizard and it works just fine. However, I have two test apps and I noticed that after using the wizard to generate certificates for the second app, the first one’s certificates are marked as ‘invalid’ and the app no longer runs on my device. Is this a restriction from Apple or from the wizard?
The wizard asks you if you already have P12 files otherwise it regenerates them for you and effectively invalidates the old ones.
So are you saying that I can use the p12 files generated for the first app in all others? I vaguely remember that the build failed when I tried that but I’ll have to recheck based on your answer.
Wizard button did not appear in the place described here. IDEA 14/15.
Installed Macos, Xcode and attached developer account to xcode, tested device build. Restarted IDEA. No luck.
Moreover, in IDEA preferences, there are 2 instances of Codename One configuration nodes.
That feature isn’t available yet in the IntelliJ version of the plugin.
After pressing generate and logging in to my Itunes account
I get this message(attached image)
any idea how to fix it?
Thanks in advance.
You shouldn’t get that message so its definitely a bug. Is the page [http://developer.apple.com/…](http://developer.apple.com/ios/manage/provisioningprofiles/index.action) reachable or do you see notices that you need to approve something?
Dismissing Apple notices is horribly unintuitive.
Everything seems fine in that page ,I suppose I didn’t ‘enroll’ and paid the 100$ fee.
I hope that’s not the problem…
You need to pay Apple and wait for approval which takes a couple of days.
Well that’s unfortunate,thanks anyway!
I can’t see any login dialog. When i press Generate, I just get the message “This feature requires you to be logged in.” This happens on a fresh install of NetBeans with Codename One plugin, both on Mac and Windows. Am i doing something wrong?
Yes, I think its a mistake to require that. It was added to simplify the process of generating push certificates.
You login in the main Codename One section of the preferences at the bottom of the UI. That might be hidden if you have a small screen.
You’re right, that section was hidden. I found it myself after some googling. Apart from that, the wizard is very simple and smooth – saved me a lot of work!
I used the free version Codename one and Intellij IDEA. Why is there no button generate? What should I do to make it come from?
The certificate wizard is available for free. The IntelliJ plugin is a bit out of date with many new features such as Java 8 support etc.
We are working on a complete overhaul of the plugin but get side tracked a lot. I hope we’ll be able to bring it into feature parity with the current NetBeans/Eclipse plugins for 3.3.
Shai, thanks for answer. I will try to set up Eclipse or NetBeans.
Shai, can you answer me, in last version Eclipse for java developers (mars) is there this button? I don’t found that.
This is what I’m seeing, how did you install the plugin?
Does each app needs its own Certificate? I am confused by that aspect. I have just been testing things out, and whenever I choose to Overwrite the certificate I get an email from Apple saying my certificate has been revoked. What should the general process be? Should each app have its own p12 certificate?
That should indeed be clearer in the wizard, I’m not exactly sure how we can do that though…
You need one set of signing certificates for all your apps. You need to renew them once per year as they do expire.
Provisioning profiles are done per-app so when you run the wizard on a new app just tell it NO when it asks to generate the certificates and point the UI to the P12 files you generated last!
Now this is the point where it gets hard… When doing push you DO need new P12 files that are specific to the app, they are totally unrelated to signing/building and are only used for push. So if you check the “push” checkbox you will need to generate those. You will get an automatic email message with instructions when you check that flag.
This is a great feature. The one thing I don’t understand is where it gets the certificate passwords from. I can complete the wizard process successfully, but when I’m done I find that it has used the value “password” for my certificate passwords. I don’t want it to use that, how do I specify what password the wizard should use for my certificates? I am using Eclipse. I saw some talk in another thread about setting some project level password but I don’t see that.
I don’t think that’s configurable for the build p12 files. Notice that the security of those files isn’t crucial as they are stored on your local machine. Normally on a Mac when building locally the keys are just protected by your OS password.
When I run the iOS Certificate Wizard, a window pops up saying “Select Team”. But no teams are listed and there is no response to the Next button either. How do I get beyond this?
If you navigate to [http://developer.apple.com/…](http://developer.apple.com/ios/manage/provisioningprofiles/index.action) do you see teams or something like that?
Do you have the ability to create a new certificate/provisioning profile?
Is there something “special” about your account? (Enterprise, University etc.)
Thanks very much, Shai, for pointing me in the right direction. I think Codename One is great and have used it successfully with no problems to develop an Android app. Now, not being an Apple person, I just have to get by their hurdles to become a registered iOS developer.
Hello I am getting the following error “could not create development profile. No matching provisioning profile was found” when I try to generate the certificated.
I do have a developer account which I use to login with. (this step is successful)
Selecting device step is also successful as I see the newly added device on my developer’s account.
I would appreciate any help.
Hi. I’m trying to use the wizard to generate a certificate. It worked fine previously but now, it isn’t working. It asks me for the devices, I select them, it asks if I want to overwrite existing iOS certificate and I say “Yes”.
But then it doesn’t generate any certificate. Any idea why? I don’t get any error message.
Also I noticed that my “Certificates” screen shows up with “Enable Push Pro Feature only” at the bottom.
I am not sure if this is causing any issues?
There was an issue with Apple changing it’s certificate process, we’ve deployed an update that should fix this.
There was an issue with Apple changing it’s certificate process, we’ve deployed an update that should fix this.
The enable push is unrelated.
Thank you very much! Looks like its working now,
Hello, i am getting same Message (Select team ), and i checked my Apple account and i can’t see anything like teams, and don’t know what could be the reason behind !
appreciate your help
Hi James, have you actually figured out your way around this? Exactly what did you do? Any one has an idea?
You need to have a paid Apple account for this to work
Hi, i am unable to generate a certificate using the wizard, it asks me to select a team but there is no team listed. I tried logging into my apple account [https://developer.apple.com…](https://developer.apple.com/account/#/welcome) but even there i could not find any certificate for signing.
How do i do it?
do you have a paid iOS developer account?
Can you generate a CSR in your apple account?
That’s a requirement to generating the certificate.
I am using a university dev account, I know that I cannot create Appstore certificates.
Using the ios Signing wizard from Codenameone settings panel (NetBeans, latest Plug-in),
everything works so far and the certificate + provisioning profile + appid get created.
However the needed certificate password is not stored in the [codenameone_settings.proper…](http://codenameone_settings.properties) file.
Is there a bug? Otherwise I’m having troubles as I do not own a Mac for the CSR.
Additionally the created files (I downloaded them from the developer account website, as I couldn’t find them on my system) do not get added into the related fields.
I fixed it by creating the .p12 file on my own.
this should work even with a university account
Hi, unfortunately it only creates a .cer file and not the needed .p12 file
I’m assuming you downloaded the cer files from the apple site and didn’t generate them via the tool. Right?
No, I used the tool for the whole process. It shows that the AppStore certificate was not generated, after setting App Name (you should add validation that no special characters are allowed) & App ID, it runs into an error “Could not create appstore profile. No matching provisioning profile was found”. Then it returns to the view where App name and ID are set. Then I tried to download the files from [developer.apple.com](http://developer.apple.com), because I couldn’t find any generated/downloaded file on my system, neither are any paths/settings set in the Codenameone ios signature settings.
In my case I managed to create the .p12 file and build iOS debug-app, but I could not use the wizard at all.
Then you did download the cer file. P12 files aren’t generated by Apple they can only be generated thru the wizard. Unfortunately we can’t debug the university accounts since we aren’t an educational institute.
Hi Steve… great post and awesome work you guys doing. CN1 is one of the great enablers and equalizers out there.
One thing I would like to see is the App Store upload process especially for Apple. Right now I have a challenge as using the Application Loader 3.0 fails saying it is not available right now and that no suitable application records were found and that I should upload my bundle identifier…. What could be the cause of this? And how can I resolve this problem? My App name and App ID as written in netbeans initially didn’t match the one on the developer portal. I edited the portal to match Netbeans but no luck. Any ideas? Any pointers will be highly appreciated.
Got the issue! I had not selected the correct Bundle ID under General information of the app in the developer portal. Now I am getting this error:
ERROR ITMS-90168: “The binary you uploaded was invalid”
Looks like I have to start over… will clean out the portal of any id, certs and profiles and try again.
It’s a painful process the first time around. We’d like to add an upload to itunes wizard at some point but it’s not a trivial task.
Hi Shai, I’m encountering same issue now. is there any fix needed on codename server. Through the wizard it says Developer Cert not Generated and Appstore cert not generated. When I complete the process, it creates profiles and certificates but the passwords showing empty. Build is getting failed.
It’s a regression due to some server changes we made see [https://groups.google.com/d…](https://groups.google.com/d/msg/codenameone-discussions/DerFbZQK0tU/hlEkRDrwAAAJ)
Should be fixed now
“I’m happy to announce that the next version of the Codename One plugin will include a wizard that generates all of these things for you with just a few mouse clicks.” Has it happened yet?
This is a post from 2015… It happened 2 years ago.
I’m faced with the same problem.. I’m developing 2 apps, been test building on android with no problems and wanted to do test iOS builds, the howto above is great and I was able to send a debug build and install etc.. however when trying to do the same for the second app I’m stuck, I used the same wizard.. _DID_NOT_ create a new signing cert (as I thought it would invalidate the original certs and it looks like I’m correct) and only got the provisioning profiles created. My question is how do we use the same certs for other apps when we dont know the password? I get build errors which I suspect may be caused by the fact that I dont know the password for the certificates in the first place =(
You need to copy the P12 files from the other project into your new project and update then in the iOS signing section with their passwords.
thanks shai! ok I figured out the default password for the p12, certs.. its in the properties file of the other project (of course!), I was able to generate the ios build for the second project with the same cert but diff provisioning profile.
my hats off to you and your team! — from a 20 something year java veteran + 2 week CN1 dev =)
So we can’t produce apple builds without having a paid Apple account then?
That’s an Apple restriction. When we launched we provided an option to sign with our own certificate but we removed that as we think it violates Apples terms of service. For that to work you had to have a jailbroken device and that’s not a practical requirement today.
Apple provides free certificates for educational institutes & non-profits so you might be able to obtain a certificate through one of those venues.
Thanks for the quick reply