Certificates overview

During the course of developing your app, you’ll create different certificate types for use in different contexts. You’ll use the same set of certificates for iOS, tvOS, and watchOS apps, and a different set of certificates for macOS apps. If you’re using Xcode 11 or later, you can create unified development and distribution certificates for all platforms. You’ll use development certificates to run your app on devices and use app capabilities, and distribution certificates to distribute your app for testing and to upload it to App Store Connect.

Development certificates belong to individuals. You can create a total of two iOS development certificates and two Mac development certificates. In your developer account, the computer name is appended to the development certificate name (for example, Gita Kumar (Work Mac) where Work Mac is the computer name) so you can identify them.

Distribution certificates belong to the team and only one type of each distribution certificate (with the exception of Developer ID certificates) is allowed per team. Only the Account Holder or Admin role can create distribution certificates (if you’re enrolled as an individual, you are the Account Holder).

You can create and revoke certificates using either Xcode or your developer account.

Certificate types

The certificate type helps to identify a certificate in your developer account and Xcode.

Type				Purpose
Apple Development				For use with Xcode 11 and later. Run an iOS, macOS, tvOS, or watchOS app on devices and use certain app services during development.
Apple Distribution				For use with Xcode 11 and later. Distribute your iOS, macOS, tvOS, or watchOS app on designated devices for testing or submit it to the App Store.
APNs Auth Key				Generate server-side tokens as an alternative to certificates for your notification requests.
Apple Push Services				Establish connectivity between your notification service and APNs to deliver remote notifications to your app.
iOS Development				Run an iOS, tvOS, or watchOS app on devices and use certain app services during development.
iOS Distribution				Distribute your iOS, tvOS, or watchOS app on designated devices for testing or to submit it to the App Store.
Mac Development				Enable certain app services for a Mac app during development and testing.
Mac App Distribution				Sign a Mac app before submitting it to the Mac App Store.
Mac Installer Distribution				Sign and submit a Mac Installer Package, containing your signed app, to the Mac App Store.
Developer ID Application				Sign a Mac app before distributing it outside the Mac App Store.
Developer ID Installer				Sign and distribute a Mac Installer Package, containing your signed app, outside the Mac App Store.
Apple Pay				Decrypt app transaction data sent by Apple to a merchant/developer.
Merchant Identity				Authenticate you to Apple Pay Servers.
Pass Type ID				Sign and send updates to passes in Wallet.
Swift signing				For use with Swift Package Manager version 5.9 or later. Sign Swift packages and package collections for distribution.
VoIP Services				Establish connectivity between your notification server and APNs to alert background VoIP apps of incoming activity.
WatchKit Services				Establish connectivity between your notification server and APNs to update ClockKit complication data.
Website Push ID				Sign and send updates for Websites.
MDM Vendor CSR signing				Sign MDM Solution customers or your own Certificate Signing Requests (CSRs) to generate an MDM Push Certificate at identity.apple.com. This certificate is available by request, learn more.
App License Delivery encryption and signing				App License Delivery (ALD) signing and encryption certificates enable generating app license requests for eligible apps.

Note: In your keychain, a signing certificate name contains a hint to the type, and includes the team name and Team ID.