Skip to main content

Generating Certificates

Signing certificates securely store your credentials so you can easily reference them when building your app in the cloud.


You'll need two sets of Apple certificates when your app goes to production, which means you'll eventually need two signing certificates: one for development and one for production.

We'll guide you through creating a development signing certificate with the credentials that you need for the desired platform below.

Android Certificates

The Android keystore, used for signing apps, can be generated using keytool, which is included in the Java JDK. Change MY-RELEASE-KEY and MY_ALIAS_NAME to be relevant to your app. The tool will ask you to enter a keystore password and a key password.

$ keytool -genkey -v -keystore MY-RELEASE-KEY.keystore -alias MY_ALIAS_NAME -keyalg RSA -keysize 2048 -validity 10000 -storetype jks

Securely store a backup of your keystore password, key password, alias and keystore file. These are not recoverable and can prevent you ever being able to update an App in the Play Store.

iOS Certificates

You'll need an Apple Developer account (Individual or Organization). See comparing memberships.

Registering your App ID

Every app must register an ID with Apple.

iOS App id

  • Under Explicit App ID, set the Bundle ID to the ID you've specified in your app's config.xml file. iOS Bundle IDs are represented as a reversed address, such as com.ionicframework.MyIonicApp.

Device Registration

Devices must be explicitly registered with Apple for development.

iOS Register Device

Certificate Signing Request

Before you can get a certificate from Apple, you'll need to generate a certificate signing request file. It can be created on Mac OSX by using Keychain Access and on other platforms by using OpenSSL.

Using Keychain Access

  • Navigate to Keychain Access › Certificate Assistant › Request a Certificate From a Certificate Authority on your Mac.


  • Enter your name and email address. Leave the CA Email blank.
  • Select Saved to disk and hit continue. This will generate your .certSigningRequest file.

Using OpenSSL

  • Generate a private RSA key file.
$ openssl genrsa -out keyname.key 2048
  • Create the certificate signing request file by filling out the interactive form.
$ openssl req -new -key keyname.key -out CertificateSigningRequest.certSigningRequest

iOS App Certificate & Provisioning Profile(s)

Before you can generate App Certificates & Provisioning Profiles, you'll need to register your app and any devices, and obtain a .certSigningRequest.

App Certificates & Provisioning Profiles are for signing your app and giving access to certain devices.


There are two types of Apple certificates: development and production. We'll guide you through generating signing certificates with a development certificate.

iOS Cert

  • Step through the steps. Upload the .certSigningRequest you created to generate a certificate. Then, download your certificate. It should be a .cer file.

Next, we'll need to convert the certificate from a .cer file to a .p12 file. It can be converted on Mac OSX by using Keychain Access and on other platforms by using OpenSSL.

Using Keychain Access

  • Drag your .cer file into your login keychain.
  • Click the My Certificates tab.
  • Right-click the certificate and choose Export.

iOS Cert

  • Select Personal Information Exchange (.p12) for File Format.
  • Save the certificate, giving it a strong password.

Using OpenSSL

  • Download your iOS certificate to the same directory as your private RSA key.
  • Change the format of the iOS certificate to PEM.
$ openssl x509 -inform DER -outform PEM -in ios_development.cer -out ios_development.cer.pem
  • Export the certificate as a .p12 file, giving it a strong password.
$ openssl pkcs12 -export -inkey keyname.key -in ios_development.cer.pem -out Certificates.p12

Provisioning Profile

Provisioning profiles give your app access to be installed, or provisioned, on specific devices. For iOS App Development provisioning profiles, devices are selected manually.

iOS Provisioning Profile

  • Under Development, select iOS App Development.
  • Select the correct App ID (with the Bundle ID matching your app's config.xml file)
  • Select the certificate you generated.
  • Select any and all development devices.
  • Download the .mobileprovision file, which is your provisioning profile file.