Understanding certificate sets for iOS

A certificate set stores all the keys and certificates that are necessary to build, run, and distribute iOS apps.

A complete iOS certificate set consists of the following elements:
  • Bundle ID
  • Signing certificate
  • Mobile provisioning file
  • Push notification certificate

You can acquire the components for an iOS certificate set with an Apple developer account. Depending on your business needs, your organization must enroll in either Apple Developer Program or Apple Developer Enterprise Program. For example, if your organization plans to distribute iOS apps on the App Store, use an Apple Developer Program account. If your organization focuses on internal distribution, consider using an Apple Developer Enterprise Program account. For more information about enrollment options in the Apple Developer Portal, see the Apple developer documentation.

Note: Restrictive company policies might not allow developers to upload the company's signing certificates and provisioning profiles. If you want to export an unsigned mobile app and then sign it locally, you can create an unsigned certificate set that only uses the App ID and an optional push notification certificate. For more information, see Creating an unsigned iOS certificate set.
Bundle ID
A unique string that identifies an iOS app. The value of the bundle ID is case-sensitive and must meet the following requirements:
  • Consists of alphanumeric characters (a-z, A-Z, 0-9) or a hyphen ( - ).
  • Consists of at least two segments; all segments must start with a letter and be separated by a period ( . ).

For example: com.example.my.ios-app

The bundle ID is referenced in an App ID that links one or more apps from a specific development team. An App ID consists of a Team ID string that Apple generates for your development team, and a bundle ID search string that corresponds to the bundle ID of a specific app or a set of apps. The App ID also determines what types of iOS services your app supports.

Signing certificate
A certificate for digitally signing entries that identifies the developer of the iOS app and ensures that the app code comes from a legitimate source. You generate the signing certificate in the Apple Developer Portal to install the app on test devices and distribute the app with the Enterprise program or the App Store. You upload the certificate as a .p12 file to an iOS certificate set on Pega Platform.
Mobile provisioning file
A set of digital entities that acts as a link between the developer account and mobile devices. The provisioning profile is deployed in the app bundle and enables you to install and run the app for testing and distribution. In the Apple Developer Portal, you can create different types of provisioning profiles. For example, you can create a profile only for testing your app during development, or create a profile that allows you to publish your app on the App Store.
Push notification certificate
A certificate that Pega Platform server uses to communicate with Apple Push Notification service (APNs) and enable push notification support in your iOS app. You upload the certificate as a .p12 file to an iOS certificate set on Pega Platform.
Note: The mobile provisioning file that you use in the certificate set must support push notifications. Otherwise, the push notification certificate section is not available in the Pega Platform certificate set.

What to do next: Obtain the components for an iOS certificate set by completing the following tasks: