Create Apple Developer Certificate on Linux
10. December 2023
To upload a app to the App Store, you need to create a Developer Certificate. The official Apple guide shows you how to do it easily with a Mac device in its official documentation. But it can be done also without a Mac, using a Linux System, following this guide of a Github user.
How to do it
- Generate a private key and certificate signing request: Firs create a private key with openssl
Then you can create a Certificate Sign Request, shortly CSR, using the previously generated private key.
Note: change "firstname.lastname@example.org" and "Simon Dalvai" with your values.
Upload the CSR to apple at: https://developer.apple.com/account/ios/certificate/create Choose Production -> App Store and Ad Hoc
Download the resulting distribution.cer, and convert it to .pem format:
- Download Apple's Worldwide developer cert from portal and convert it to pem:
https://www.apple.com/certificateauthority/ - Worldwide Developer Relations - G4 (Expiring 12/10/2030 00:00:00 UTC
- Convert your cert plus Apple's cert to p12 format (choose a password for the .p12).
Note: use -legacy if using opensssl v3.x . Found on StackOverflow
- Finally, update any Provisioning Profile with the new cert, and download them from dev portal. Now you can also sign any Provisioning Profiles with the new certificate and use them to release apps.
Use in CI/CD like Github Actions
The Developer Certificate and Provisioning Profile can be imported in any CI/CD system, like Github Actions. But most CI/CD systems don't support binary files, so the conversion to base64 is needed.
- Create base64 of distribution.p12 Now you can prepare the Developer Certificate for the Github Action.
-w 0to prevent new lines in the resulting base64 string.
Add distribution.base64 content to your CI/CD systems secrets
Recreate the file in its binary format
The same steps work with any binary file, like the Provisioning Profile.