html2app docs
    Warning

    iOS Support Status: html2app does not yet support iOS apps. This documentation is likely incomplete and may not be accurate. Please check back later for updates.

    iOS Certificates & Profiles

    Understanding iOS certificates and provisioning profiles is essential for app development and distribution. This guide explains what they are, how they work together, and best practices for managing them.

    What are iOS Certificates?

    iOS certificates are digital credentials issued by Apple that prove your identity as a developer. They contain:

    • Your public key (used to verify signatures)
    • Information about you (developer name, organization)
    • A digital signature from Apple
    • Validity period (typically 1 year)

    Certificate Types

    Development Certificate

    • Purpose: Testing your app on physical devices during development
    • Issued by: Apple
    • Validity: 1 year
    • Revocation: Can be revoked without affecting published apps
    • Scope: Only works with devices you've registered
    • Use case: Local development and testing

    Distribution Certificate (Ad Hoc)

    • Purpose: Distributing your app to a limited number of devices outside the App Store
    • Issued by: Apple
    • Validity: 1 year
    • Revocation: Can be revoked without affecting published apps
    • Scope: Only works with devices you've registered
    • Use case: Beta testing with specific testers

    Distribution Certificate (App Store)

    • Purpose: Signing your app for distribution on the Apple App Store
    • Issued by: Apple
    • Validity: 1 year
    • Revocation: If revoked, you must re-sign and re-upload your app
    • Scope: Works for all users worldwide
    • Use case: Publishing to App Store

    What are Provisioning Profiles?

    A provisioning profile is a file that ties together three things:

    1. Certificate: Proves your identity (development or distribution)
    2. App ID: Identifies your app (e.g., com.yourcompany.appname)
    3. Devices: (For development/ad hoc only) Specifies which devices can run the app

    Provisioning Profile Types

    Development Profile

    • Certificate: Development Certificate
    • App ID: Your app's identifier
    • Devices: Registered devices only
    • Purpose: Testing during development
    • Validity: 1 year
    • Device Limit: Up to 100 devices per team

    Ad Hoc Profile

    • Certificate: Distribution Certificate (Ad Hoc)
    • App ID: Your app's identifier
    • Devices: Registered devices only
    • Purpose: Limited distribution outside App Store
    • Validity: 1 year
    • Device Limit: Up to 100 devices per team

    App Store Profile

    • Certificate: Distribution Certificate (App Store)
    • App ID: Your app's identifier
    • Devices: No device restrictions (works for all users)
    • Purpose: App Store distribution
    • Validity: 1 year
    • Scope: Worldwide

    How They Work Together

    When you build and sign your iOS app:

    1. Xcode reads your provisioning profile
    2. Profile specifies which certificate to use
    3. Xcode uses that certificate to sign your app
    4. iOS device verifies the signature when installing

    Example flow for App Store distribution:

    Your App Code

Xcode Build Process

App Store Provisioning Profile

Distribution Certificate (App Store)

Signed App

Upload to App Store

Users download and install

    Security Considerations

    Certificate Security

    • Keep Private: Your certificate's private key is critical. Never share it.
    • Backup: Keep secure backups of your distribution certificate
    • Keychain: Certificates are stored in Keychain Access on your Mac
    • Export: You can export certificates for backup or team sharing

    Provisioning Profile Security

    • Team Sharing: Provisioning profiles can be shared with team members
    • Device Registration: Only registered devices can run development/ad hoc apps
    • Expiration: Profiles expire after 1 year and must be renewed

    Best Practices

    1. Use Automatic Signing: Let Xcode manage certificates and profiles automatically
    2. Backup Distribution Certificate: Keep a secure backup of your App Store certificate
    3. Limit Access: Only share provisioning profiles with team members who need them
    4. Monitor Expiration: Set reminders for certificate/profile renewal (1 year)
    5. Revoke Compromised Certificates: If a certificate is compromised, revoke it immediately
    6. One App ID Per App: Use separate App IDs for different apps
    7. Team Management: Use Apple Developer account to manage team access

    Next Steps

    • Create Your Credentials: Follow Create Certificates for step-by-step instructions
    • Understand Publishing: Read App Store for the full publishing process
    • Set Up in Xcode: Configure your project with automatic or manual signing