Certificates

Development certificates are for debugging; distribution for release. Keep the count minimal and back up .p12 files with strong passwords.

Types

Apple Development: Debug/internal test; works with Development or Ad Hoc profiles.
Apple Distribution: App Store release and Ad Hoc; valid for one year.
Team tip: let CI or a designated admin generate/manage to avoid scattered ownership.

Create Steps (in Certificates, Identifiers & Profiles)

Prepare a CSR (Keychain Access → Certificate Assistant, or openssl in CI).
In “Certificates” create the type, upload CSR, download .cer.
Double-click to import to Keychain, then export .p12 (with private key) with a strong password; back it up safely.

Renew/Revoke

Before expiry, create a new certificate, update profiles to reference it, then let CI/Xcode download again.
If the private key is lost or leaked, revoke and recreate, then refresh profiles.

Common Issues

“No valid signing certificate”: ensure certificate is in Keychain with matching private key.
Multiple machines: export .p12 + password and import elsewhere; or use Xcode automatic signing (requires Apple ID login).

Next Identifiers Configure App IDs, Bundle IDs, and related capabilities.