How to create an iOS provisioning profile and .p12 certificate on Windows Machine

How to create an iOS provisioning profile and .p12 certificate on Windows Machine

As I found a few weeks ago there is still many people who don’t know that you can develop iOS apps and games with AIR also on windows machine. When you’re beginner or hobby developer it’s still the great chance how to start with iOS development because not everybody has Mac or money to buy some. So how to start and what you need? At first you have to register to iOS developer program which costs $99/year. When you finished with registration you’ll get developer account for access to developer portal and itunes connect. If you have Mac is quite easy, all needed information you can find in developer portal but if you want to use for development windows machine it’s a bit complicated. In the next few steps I will show you how to create .p12 certificate and provisioning profile needed for iOS development on windows machine.

Creation of .p12 certificate

Before start you need to download and install the latest version of OpenSSL for Windows from this website:

Now open windows terminal (Command Prompt) with command cmd and make sure to run it as an administrator. Change your working directory to bin directory of your OpenSLL installation. In my case working directory is following:

cd c:\OpenSSL-Win64\bin

Now generate your private key with the following command:

openssl genrsa -out mykey.key 2048

Key file generated by this command is located in C:\\OpenSSL\bin directory of your OpenSSL installation. In this case key file is called mykey.key but you can choose any name but then you have to adapt following commands to file name of your key file. Keep key file in bin directory and run the following command to create certificate signing request:

openssl req -new -key mykey.key -out CertificateSigningRequest.certSigningRequest -subj "/, CN=Your Name, C=SK"

In command above edit all information for yours. Like name of your key file (in my case mykey.key ), email (, company name (CN=Your Name) and country code ( C=SK – in my case Slovakia). When command is finished you can find in bin directory certificate signing request file, in this case called CertificateSigningRequest.certSigningRequest. We’re done with OpenSSL for now. It’s time to move to developer portal.

Now you have to log in to developer portal and  go to section Certificates, identifiers & profiles.


On the next screen you will see sections for iOS Apps, Mac Apps and Safari Extensions. In the section iOS Apps click on certificates.


On the left side of screen click on item Certificates -> All (1.). Now in the right section of screen you can see list of development & distribution certificates. Above the list with certificates is  plus (+) button, so click on button for adding new certificate (2.).


There are several possibilities because exist more types of certificates but for common iOS app  you need only development and distribution certificate. In this tutorial we will mainly focus on iOS App development certificate but process for adding new distribution certificate is the same. So now from multiple options we will choose option iOS App Development (1.). If you would like to add production certificate you will choose option App Store and Ad Hoc (2.)


Now click on continue button.


On the next screen you can read information how to manually create certificate signing request but described method there is for Mac users only. We generated our certificate signing request on windows machine with OpenSSL, so we can skip this step and continue to next screen.


Now choose location of CertificateSigningRequest.certSigningRequest file from your local disk (this is file we generated a few steps above with OpenSSL)  (1.) and click on continue button (2.).


Download and save generated development certificate to your local disk to bin directory of your OpenSSL installation (1.) and click on done button (2.) and you can close developer portal. For last 2 steps of process of creating .p12 certificate we will need again OpenSSL.


Again open windows terminal as administrator and run following command to convert apple developer certificate to .pem certificate :

openssl x509 -in ios_development.cer -inform DER -out ios_dev.pem -outform PEM

In previous command  you have to change ios_development.cer with name of your certificate file (.cer) downloaded from developer portal and also you can change name of .pem file (in my case ios_dev.pem) by yourself. And finally we use created .pem file and mykey.key file for generation of  .p12 certificate. So run following command:

openssl pkcs12 -export -inkey mykey.key -in ios_dev.pem -out ios_dev.p12

You’ll be prompted to set password and confirm it. Remeber or save your password because you’ll need it during packaging of app in the future. We are done! Now you have .p12 certificate for iOS app development but we need also provisioning profile so will continue with creation of provisioning profile.

READ  ARKit - list of learning resources

Creation of provisioning profile

Again open apple developer portal and in right menu pick item Certificates, Identifiers & Profiles.


On the next screen, in section iOS apps click on Identifiers (1.).


Here you can see list of all my registered apps identifiers (but your list will be empty at beginning). For adding new app identifier you have to click on plus (+) button in the right side of the list header bar.


So now we will add new app identifier for my example app with name TestApp. At first fill App ID description (1.) I will use as App ID description name of my example app but you can fill any description. Next choose type of App ID suffix (2.). There are two options. If you want to use for all your apps same development provisioning profile pick option wildcard App ID. So in that case my bundle id would be com.tomasmahrik.* (my domain is, if  you want to have own provisioning profile for every of your apps pick option Explicit App ID and fill exact and unique bundle id (in my case would be com.tomasmahrik.testapp). And finally check all services which you’re planning to use in your app (you can edit this option in the future) and click on continue button (3.).


Now again check all filled data in previous step. If everything is OK click on submit button.


Now registration of App identifier for our example app called TestApp is done.


We will move on the next step. In iOS app section pick item Devices (1.).


Here you can see list of all registered iOS devices (1.) in my developer account (your list will be empty in the beginning). So you have to add some iOS device/s for beta testing and debugging. So click on plus (+) button (2.) in the right side of list header bar.


In the next step you will be requested to fill unique name for your device and device UDID (this unique string code of your device copy from iTunes). And click on continue button.


If you are done and you added at least one iOS device we can move on the last step. In iOS app section pick item Provisioning profiles (1.).


Here you can see list of all my provisioning profiles (1.) (your list will be empty on beginning). So we need to add new provisioning profile for our TestApp. Click on plus (+) button (2.) in the right side of list header bar for adding new provisioning profile.


Now select type of provisioning profile (1.) (development or distribution). For development and beta testing we will need development profile. When you will be finished with app development you have to create distribution provisioning profile. There are two types of distribution profiles App Store and Ad Hoc. App Store profile is used for public app distribution on App Store and Ad Hoc is for special cases when you want to distribute your app only for a small group of people. So we will select development provisioning profile and click on continue button (2.).


Now check iOS development certificate/s (1.) which will be used with this provisioning profile and click on continue button (2.).


And from list of all registered iOS devices in your developer account check devices (1.) which you want use with this provisioning profile. And again click on continue button (2).


We are almost done! Here select right app identifier (1.) for this provisioning profile and click on continue button (2.).


And we are done. Now you can download your development provisioning profile (1.) and start with iOS app development. Process of creation of distribution provisioning profile is the same.


Wish you a lot of fun with iOS app development 🙂