Enterprise Deployment Certificate and Profiles

Enterprise distribution certificate and profile

If you are logged in to a team with an Enterprise account, then you are not able to create App Store profiles. Probably you are logged in to the wrong team (try logging out and logging in again, then you'll be able to select the proper team).
If you are logged in to the proper team with an Enterprise account, then on the new provisioning profile screen you should see just 3 options:

  • iOS App Development
  • In House (which is the enterprise prov profile)
  • Ad Hoc

Can I use provisioning profile for Enterprise store and App store?

The App ID should be the same; there is no need to change it.
But you need to rebuild with a new production certificate, and once you have created it you will need to create a new provisioning profile.

Usually, this can be done automatically from Xcode if you have the needed rights.

Enterprise Distribution Provisioning Profile Expiration

So generating a new provisioning profile will not invalidate any of the apps out there on devices. Simply generate the new provisioning profile, build a new version of the app with the new provisioning profile, and just make sure all your users / testers update to the new version of the app.

Alternatively, you could generate the provisioning profile and then distribute the profile to all the devices through MDM (if you're using an MDM solution) or by email (not a great experience). Basically the app will continue to run as long as the new provisioning profile gets on the device before the old one expires, whether that's through MDM, manually, or by installing a new version of the app with the provisioning profile in the .app payload. Or if your users download any app with the new provisioning profile, assuming that provisioning profile is set up with a wildcard app ID, that will also correct it (see information about that here: https://stackoverflow.com/a/29121777/3708242).

Basically, you need to do something before the provisioning profile expires (the sooner the better) and get that new provisioning profile on the device (through one of the options above).
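The renewal window described in the answer above can be tracked by reading the expiry date out of the profile itself. The following is an added example, not part of the original answer: it extracts the plist embedded in a `.mobileprovision` file, classifies the profile, and reports how many days remain. The function names, the `warn_days` threshold and the sample profile are constructed for illustration.

```python
import plistlib
from datetime import datetime

def load_profile(raw: bytes) -> dict:
    """Pull the XML plist out of a CMS-wrapped .mobileprovision blob.
    Inspection only: the CMS signature is NOT verified here."""
    start, end = raw.find(b"<?xml"), raw.find(b"</plist>")
    if start < 0 or end < start:
        raise ValueError("no embedded plist found")
    return plistlib.loads(raw[start:end + len(b"</plist>")])

def profile_kind(p: dict) -> str:
    """Classify the profile by the keys present in its plist."""
    if p.get("ProvisionsAllDevices"):          # In House (enterprise)
        return "in-house"
    if p.get("Entitlements", {}).get("get-task-allow"):
        return "development"
    return "ad-hoc" if "ProvisionedDevices" in p else "app-store"

def renewal_status(p: dict, now: datetime, warn_days: int = 60) -> dict:
    """Days until the profile expires and whether action is needed.
    warn_days is an assumed threshold, not an Apple-defined value."""
    days_left = (p["ExpirationDate"] - now).days   # plist dates are naive UTC
    app_id = p.get("Entitlements", {}).get("application-identifier", "")
    if days_left < 0:
        state = "expired"
    elif days_left <= warn_days:
        state = "renew"
    else:
        state = "ok"
    return {"name": p.get("Name"), "kind": profile_kind(p),
            "wildcard": app_id.endswith(".*"),
            "days_left": days_left, "state": state}

# Constructed sample: a plist wrapped in dummy bytes standing in for the
# CMS envelope. Team ID and names are placeholders.
SAMPLE = b"\x30\x82\x00\x00" + plistlib.dumps({
    "Name": "Example In-House Wildcard",
    "ProvisionsAllDevices": True,
    "CreationDate": datetime(2024, 3, 1),
    "ExpirationDate": datetime(2025, 3, 1),
    "Entitlements": {"application-identifier": "ABCDE12345.*",
                     "get-task-allow": False},
}) + b"\x00\x00"

if __name__ == "__main__":
    print(renewal_status(load_profile(SAMPLE), datetime(2025, 1, 15)))
```

On a real build, pass the bytes of the `embedded.mobileprovision` file from the .app payload to `load_profile`.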

What is best practice for iOS client enterprise distribution?

There are two ways you can do this, but for both you must be added as a member of your client's developer team. Once you have done this, you (or more likely your client) will choose whether to use their in-house certificate or your own distribution certificate that you will manage.

It can be done either way, it is only a matter of who will have authority in the future to submit apps with the same certificate under the same account. That authority resides in the possession of the associated key pair of the certificate. If you are added to the client's dev team and download their distribution certificate, you will NOT have this key and cannot sign distribution builds with associated provisioning profiles.

Therefore, you must either get a .p12 export of the certificate (which contains the key) from the client to install on your machine so that you may sign with it. This will allow you to submit from your machine, but you are then in possession of your client's private key, which they would like to protect. Your other option is to use your own Certificate Signing Request to create a Distribution Certificate on the client's developer account. In this situation, only you have control over the certificate and the client must create new ones if they wish to work with other developers in the future.

Once you have done that, here is an informative guide for enterprise distribution.

Apple Enterprise Distribution Certificate and Profile expiration logic

Why does Apple expire certificates and profiles exactly after one year?

So that you don't set up a parallel app store (IMO).

Can we extend the expiration limit from one year to any other length?

For Enterprise licenses, 'in-house' distribution profiles have a validity of 3 years. Here is an old thread you may refer to.

How does iOS decide that a particular app's certificate has expired, so the app should not run on the device?

From Apple docs: The first time an application is opened on a device, the distribution certificate is validated by contacting Apple’s OCSP server. Unless the certificate has been revoked, the app is allowed to run.

When is the installed app's lifetime decided by iOS, i.e. when the app is installed for the first time or when the certificates and profiles are created?

Same as above, certificate and PP expiry dates are taken into account before running the app. Try installing an app which was signed with an old certificate and you'd see.

iOS Enterprise Distribution (Ad Hoc) Provisioning Profile

Development provisioning profiles have multiple certificates to allow multiple developers within your organisation to build and collaborate on the same app.

Distribution profiles only have one certificate because distribution builds are from your organisation, of which there is only one.

You only need to create the Distribution Certificate once per year. You can and probably should use the same distribution certificate to generate Ad Hoc provisioning profiles for multiple apps and also for AppStore provisioning profiles.


