So… I can unequivocally say that this is not the case. When I create certificates, I never use Xcode to create them and they work just fine. The only thing I used Xcode for was downloading profiles, but now I use my Profile Triage app for that. That said, you do need at least six items for building for the App Store (roughly in this order)
Device profiles
App Identifier (com.example.myapp)
Development Certificate
Development Profile
Distribution Certificate
Distribution Profile
The dev profile (which you need for debugging) relies on the dev certificate, devices and App Identifier.
The dist profile (which you need for a final build) relies on the dist certificate and the App Identifier.
If any of the prerequisites for the profiles are changed or invalided in any way, the profiles are also worthless and need to be regenerated. For expirations, that’s as simple as fixing the problem items, editing the profiles to update the edited items and then clicking Save on Apple’s portal.
In terms of getting certificates to your machine, you should be able to download directly from the site and double-click them in the Finder. If they don’t, you probably have one or more expired or missing WWDR certificates on your machine.
There is one major caveat though… Certificates can only be downloaded once to get the whole thing. The first download includes the Public and Private keys but after that it only includes the Public key. The Private key is what you need to do the actual signing so if you lose the original, you need to regenerate the certificate.
I am hoping to add more of this functionality to my tool in the future.
If I’m distributing via a web site (never via the App Store) what do I need? (I’m already doing this but the odds are that I have more than I actually need)
As far as I can tell, then, I shouldn’t need Xcode on my machine at all. I have it probably because I thought I needed it for this whole game, but my copy dates from 2019 and it would be nice to recover the more than 16Gbytes it occupies. I’ve not dared to remove it since thanks to AppWrapper the process for codesigning/notarising goes smoothly.
I tried your profile triage tool beta but it claims I have no profiles so it quit. Is your tool intended to complement AppWrapper in that you ensure we have the right certs, profiles, and then AppWrapper allows simple use of them?
Let’s start here. The primary purpose of my tool was to help people developing iOS apps with Xojo because I seemed to be answering the same questions over and over. The app wraps many of those items together in one place.
If you’re distributing via website, you don’t need profiles. The whole reason you need them is for development for the App Store.
Codesign doesn’t need Xcode, but the notarizing tool definitely does so you may be out of luck.
Ironically this is the most complicated item to answer.
There are two different types of profiles… Development & Distribution. Dev profiles are for the person that is doing development and contains references to the developers that are allowed to work on the project, the devices they are allowed to test on and the app ID of the particular app. Dist profiles are for the people/machines that will be building for distribution. It contains references to the distribution certificate and the app ID. (These two are separate so that they can be in large companies where the roles might be held by different people.)
When you build for debugging, a development profile is included in the build and it won’t run unless the device is in the profile (or it’s a simulator).
That should be included somewhere in the Xojo help along with the conclusions re how to install certificates properly - and how not to do it.
Took me several attempts to configure my primary Mac to get XCode to build correctly for iOS.
I gave up and abandoned two dev accounts, reformatted the mac to blow everything away and started from scratch. Third time worked, and several years later I still really have no idea why.