Introduction

In order to build iOS binaries during development and distribution the service requires a certificate and provisioning profile (see Building for iOS). The plugin will take care of uploading the appropriate certificate and profile and then associating them with your application, but you need to configure the plugin with the locations of those files.

N.B. the word profile is used to two distinct things on this page - a Maven build profile and an iOS provisioning profile. Hopefully it's clear by context which is being referred to.

Developer Certificate

A developer certificate is a private signing key and should therefore be specified by each developer working on the project in their settings.xml. We re-use the server section of the settings file for this, as it has various advantages over specifing properties etc. (not least that the passwords/passphrases can be encrypted).

A valid server configuration would look like -

<server>
	<id>ios-developer-certificate</id>
	<privateKey>${user.home}/ios.p12</privateKey>
	<passphrase>superSecretPassword</passphrase> 
</server>

Following the same pattern as authentication, you must configure the plugin with the server id (this id can also be set in the POM as a property or configuration parameter)-

<properties>
	<phonegap-build.ios.server>ios-developer-certificate</phonegap-build.ios.server>
</properties>

It is possible to configure the above using properties but it is not recommended.

Development Provisioning Profile

The development provisioning profile is slightly different because it is intended to be shared between developers building apps under a common wildcard namespace. Therefore there are two approaches supported and which is best will depend on the number of apps under development.

If you are building multiple apps then the best approach is to store the development provisioning profile in a maven zip artifact, so that it can be shared between multiple projects. Firstly deploy a zip (i.e. packaging=zip) artifact into your repository containing the file in the root folder, the filename must match exactly - 

ios.mobileprovision

Now add a provided dependency (so that it does not get compiled into the application) on the deployed artifact e.g. -

<dependency>
	<groupId>com.github.chrisprice</groupId>
	<artifactId>certificates</artifactId>
	<version>0.0.7</version> 
	<type>zip</type>
	<scope>provided</scope>
<dependency>

Finally configure the plugin to use that artifact by referencing the dependencies artifact co-ordinate -

<configuration>
	<keys>com.github.chrisprice:certificates</keys>
</configuration>

If you are building just a single application then it might be easier to include the development provisioning profile in the project. To do this place the mobileprovision file into the phonegap-build folder e.g. -

src/phonegap-build/development.mobileprovision

And set the following configuration property in the project pom.xml to point at that file e.g. -

<configuration>
	<iOsMobileProvision>src/phonegap-build/ios.mobileprovision</iOsMobileProvision>
</configuration>

N.B. it is also possible although not recomended (as the provisioning profile can include multiple developer certificates) to share the developer certificate in the same way by creating a zip with both files, again the filenames much match exactly -

  • ios.p12 - Developer certificate
  • ios.mobileprovision - Provisioning profile

Distribution Certificate

The distribution certificate requires special handling as it is the secure signing key for getting your apps into the app store, so it should also be stored securely. It is intended that one machine is setup to securely host the certificate and distribution builds are done on that machine with the a distribution profile activated.

To set this up, configure the distribution certificate as a server in the settings.xml on the secure host as was done for the developer certificates, but under a new server alias and without specifying the property e.g. -

<server>
	<id>ios-distribution-certificate</id>
	<privateKey>${user.home}/private-folder/distribution.p12</privateKey>
	<passphrase>superDuperSecretPassword</passphrase> 
</server>

And set the following profile dependent configuration property in the settings.xml to point at the server id e.g. - 

<profiles>
	<profile>
		<id>distribution</id>
		<activation>
			<activeByDefault>false</activeByDefault>
		</activation>
		<properties>
			<phonegap-build.ios.server>ios-distribution-certificate</phonegap-build.ios.server>
		</properties>
	</profile>
</profiles>

Distribution Provisioning Profile

The distribution provisioning profile also requires special handling but as it is useless without the distribution certificate can be handled less securely. And as a distribution profile can not be shared between apps, it makes sense to store it alongside the project in the phonegap-build folder e.g. -

src/phonegap-build/distribution.mobileprovision

And set the following profile dependent configuration property in the project pom.xml to point at that file e.g. -

<profiles>
	<profile>
		<id>distribution</id>
		<activation>
			<activeByDefault>false</activeByDefault>
		</activation>
		<properties>
			<iOsMobileProvision>src/phonegap-build/distribution.mobileprovision</iOsMobileProvision>
		</properties>
	</profile>
</profiles>