Skip to content
ASO.dev ASO.dev

Apple Certificates Types

Apple uses various types of certificates to ensure the security of applications, authorize devices, and sign code.
Each type of certificate has its specific purpose.

Types of Apple Certificates and Their Purpose

In modern conditions, for most tasks, you will only need Apple Development and Apple Distribution.
Other types are relevant for specialized tasks - such as Apple Pay, Apple Wallet, distribution outside the App Store, or low-level work with macOS.

Certificates for App Development and Publishing

Apple Development

For debugging applications.
Signs builds that run on real devices during development.
Used with Provisioning profile of type development.

Apple Distribution

For publishing applications in the App Store.
Signs builds that are sent to the App Store, TestFlight, or Ad Hoc/Enterprise distributions.
Replaces the deprecated iOS Distribution and macOS Distribution.

macOS Development

Used for developing macOS applications.
Now replaced with Apple Development.

Mac App Distribution

For publishing in the Mac App Store
Signs macOS applications for distribution through the Mac App Store.

Mac Installer Distribution

For signing installers (PKG)
Used for signing .pkg files when installing macOS applications.

Developer ID Application

For distribution outside the Mac App Store
Allows distributing applications directly, without the App Store, with verification through Gatekeeper.

Developer ID Installer

For signing installers outside the App Store
Signs .pkg for installing applications distributed directly.

Apple Service Certificates

Pass Type ID / Pass Type ID NFC

For Apple Wallet and NFC
Used for signing passes (tickets, cards, etc.) and NFC services.

Merchant ID Certificate

For Apple Pay
Required for integrating Apple Pay.
Signs transactions and interacts with the Apple Pay server.

Certificates for App Store Connect Developers

IOS Development / tvOS Development / watchOS Development

(Outdated)
Used for debugging iOS / tvOS / watchOS applications.
Now replaced with Apple Development.

iOS Distribution / tvOS Distribution / watchOS Distribution

(Outdated)
Used for publishing iOS / tvOS / watchOS applications.
Now replaced with Apple Distribution.

Developer ID KEXT

Signs kernel extensions
Used for signing macOS kernel extensions (.kext)

Developer ID Application G2 / Developer ID KEXT G2

New generation of certificates for Developer ID
Used starting from macOS Catalina and later.

Recommendations

For new projects, use only Apple Development and Apple Distribution - they replace most of the old types.

Developer ID certificates are only required when distributing macOS applications outside the Mac App Store.

Apple limits the number of active certificates of one type (for example, a maximum of 2 Distribution certificates per account).

Certificates Management via ASO.dev