
Certificate private key missing XCODE


I've spent quite some time looking, or at least searching, for the solution but I couldn't find a way.

I've always been an Android person along with Windows, but recently I've needed to publish on iTunes.

So I work at a company that develops apps and we are developing an app for another organization; the app will be published under their Apple account. They added us as an "App Manager" in the members and I've requested a certificate + provisioning profile for the app that they create in their Apple account. When I build in Xcode I have the issue of "certificate doesn't have private key".

I looked online in the Xcode manuals; the only way to publish to iTunes, either directly from Xcode or through Application Loader, is with a certificate that has a private key. Please correct me if I'm wrong. So I asked the IT guy in their company to provide me the .p12 so I can proceed with the upload, but he keeps refusing to give me the .p12, saying it's a sensitive file and the only way is to do it through their account, and they are in a different city. So what's the point of making another account a member "App Manager" if I can't distribute from our account?

Is this the correct approach? This issue has been bugging me lately; I'd appreciate any help.

Thanks


Solution

  • The role only determines what you can do in iTunes Connect. Apple does not want your private key, because with it, Apple could build an app as your company and users installing the app would basically trust it as if it were built by you. Or worse, if Apple's dev site gets hacked and the private keys were all stolen, I could build a Facebook app as if I were Facebook. The private key should be protected by the development organization and Apple should not have access to that file.

    Separately, you may have an organization that has a group who builds the application for deployment versus a group who actually submits the app for release to Apple. Many big IT organizations work this way. In this case, your development team is given the private key, cert, and profile, and will generate the signed binary for submitting to the app store. They could not actually submit it to the store, however. They provide the app binary to the deployment team, who has an App Manager role. That user would then submit to Apple.

    You simply need to explain that you cannot create a signed binary for distribution without the private key that is part of the signing identity. If they want to control the private key, have them create the build with the signing identity and send it to you for deployment. If they can't do the build themselves, you need the private key to do it for them.
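The answer's point that a certificate alone is not a signing identity can be checked mechanically. The following is an added example, not part of the original answer: it compares the public key inside a certificate with the public key derived from a private key file. It assumes the `openssl` CLI and PEM-encoded files; the function names, file names and sample certificate are constructed for illustration.

```bash
# Report whether CERT and KEY together form a usable signing identity.
# Usage: identity_status CERT.pem [KEY.pem]
# Prints: complete | mismatch | no-private-key
identity_status() {
    is_cert=$1
    is_key=${2:-}
    # A certificate on its own (what a .cer download gives you) cannot sign.
    if [ -z "$is_key" ] || [ ! -s "$is_key" ]; then
        echo "no-private-key"
        return 0
    fi
    # Public key embedded in the certificate (SubjectPublicKeyInfo, PEM).
    is_cert_pub=$(openssl x509 -in "$is_cert" -noout -pubkey 2>/dev/null || true)
    # Public key derived from the private key, same encoding.
    is_key_pub=$(openssl pkey -in "$is_key" -pubout 2>/dev/null || true)
    if [ -n "$is_cert_pub" ] && [ "$is_cert_pub" = "$is_key_pub" ]; then
        echo "complete"
    else
        echo "mismatch"
    fi
}

# Constructed sample material: a self-signed stand-in for a distribution
# certificate, the key that belongs to it, and an unrelated key.
make_sample_identity() {
    msi_dir=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Constructed Distribution Cert" \
        -keyout "$msi_dir/dev.key" -out "$msi_dir/dist.pem" 2>/dev/null
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$msi_dir/other.key" 2>/dev/null
}

# Demo: the three situations a build machine can be in.
demo_dir=$(mktemp -d)
make_sample_identity "$demo_dir"
echo "cert + its own key:   $(identity_status "$demo_dir/dist.pem" "$demo_dir/dev.key")"
echo "cert + unrelated key: $(identity_status "$demo_dir/dist.pem" "$demo_dir/other.key")"
echo "cert only:            $(identity_status "$demo_dir/dist.pem")"
rm -rf "$demo_dir"
```

On a Mac the key lives in the Keychain rather than in a file; `security find-identity -v -p codesigning` lists only the certificates that have a matching private key there.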