How to Code Sign Secured iOS Apps in DevSecOps Build System
Signing iOS apps is required before the app can be installed on a mobile device. A valid signature ensures the integrity of an app and stands as proof that the app has not been tampered with. Your best option is to sign iOS app on Appdome.
This Knowledge Base article covers how to sign iOS apps using Appdome’s built-in Sign workflow.
We hope you find it useful and enjoy using Appdome!
As an Appdome user, you can sign any Appdome-built app either by using Appdome’s built-in signing capabilities or using your own mechanism outside of Appdome. It’s your choice. However, If you wish to deploy apps from Appdome, the process is quick and easy for any iOS app, including Native iOS, hybrid apps and non-native apps built-in Xamarin, Cordova, React Native, Ionic and more. Deploying apps from Appdome will leverage unique capabilities such as Automatic deployment of Fused apps into the Apple App Store and Leading EMM Stores.
Appdome is a no-code mobile integration platform as a service (iPaaS), supporting a wide variety of implementations for Android and iOS apps. Appdome allows anyone to easily add additional functionality to any mobile app – instantly, no code or coding required. During the Fusion process adapters are added to the app to achieve the desired added functionality, therefore the app’s original signature is invalidated and must be re-signed to allow deploying the app on mobile devices.
In order to sign your iOS app, you’ll need a valid signing certificate stored in the iOS development environment. To use your signing credentials, you’ll need access to the following.
- Appdome account
- Built (Fused) mobile app
- P12 Certificate File – A P12 certificate file is a certificate and private key concatenated into a single file, protected by a password.
- P12 Certificate Password – The password used to unlock your P12 certificate file.
- Provisioning Profile – A Provisioning Profile allows you to install apps onto your iOS device and includes the signing certificates, a list of supported device identifiers, entitlements, and an App ID.
For more information and a detailed manual on how to create Signing Credentials, please read this knowledge base article.
Signing iOS Apps on Appdome
Please follow these steps to add a mobile app to your Appdome account.
If you don’t have an Appdome account, click here to create an account.
Complete the Build and Context workflow.
Select the Sign Tab. Note: a blue underline will appear showing the step is active.
Within Sign, follow these steps:
- Select “On Appdome” as the signing method.
- Upload the P12 Certificate File.
- Add the P12 Certificate Password.
- Upload the Provisioning Profile.
- If your app Fused contains any Extensions or Frameworks, multiple provisioning profiles will be required. Upload Provisioning Profiles to match the required entitlements for each Extension or Framework. The best practice is to upload a Provisioning profile to match each executable in the app. For more information on signing apps with Extension or Frameworks, please read this knowledge base article.
- Wait for Appdome to verify the signing parameters, then click Sign My App.
- If Appdome GO is enabled on your account, you will be presented with an option to save the signing credentials for the current template. Click “Save” if you wish to save the credentials for this Template. Notice, if you click “Skip”, your signing credentials will not be saved and will be required every time this Template is used to Build an app.
For more information on Appdome GO, please read this knowledge base article.
When you click Sign My App, Appdome will analyze the built app’s extensions, frameworks are resources and calculate a checksum that represents an exact state of each component within the app. Embedding the checksum into the app’s executables will ensure that the app can’t be modified or tampered with once the signing is complete.
To learn more about Appdome’s Checksum Validation, please read this knowledge base article. For more information on additional Anti-Tampering features provided by Appdome, please read this knowledge base article.
Congratulations! You now have a signed Fused app ready to deploy.
After Signing iOS Apps on Appdome
Deploy the Appdome Fused App to a Mobile Device
Once you have signed your Appdome Fused app, you can download to deploy it using your distribution method of choice. For more information on deploying your Appdome-Fused apps, please read this knowledge base.
That is it – Enjoy your Fused app!
How Do I Learn More?
Request a demo at any time.
If you have any questions, please send them our way at firstname.lastname@example.org or via the chat window on the Appdome platform.
To zoom out on this topic, visit The Appdome Platform section on our website.
Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.