20.5. Signing Passes Digitally
You have prepared your pass folder with the manifest and the pass.json and all the images, and now you want to be able to digitally sign the pass folder and its content to create your pass file, ready to be distributed.
openssl to sign your
Every pass has to be signed using the certificate that we created
in Recipe 20.1. We will use
openssl again in Terminal in order to
sign our passes. Before you continue reading, make sure that you have
created a folder named pass and
place your pass.json, manifest.json and all your images in this
folder. The folder name doesn’t necessarily have to be called pass. However, to make sure you can follow
through the steps in this recipe and the rest of this chapter, it’s best
to do what I’ve done and put the files in a folder named pass so you can follow along more
Some of you may be a bit confused as to what keys are which and what certificates do what. I hope I can make it a bit more clear here. When you request a new certificate in the iOS Provisioning Portal, Keychain creates a private key on your computer along with a Certificate Request file (CSR). The certificate will be generated by Apple. When you download the certificate, its file extension will be .cer. This is just the certificate! When you import this certificate into your Keychain, Keychain will automatically associate the certificate with the private key that it created before. Now if you export the certificate ...