I am currently developing an iOS application as a subcontractor for a customer with a very specific deployment process.
For security reasons, they can not provide me production certificate, so the deployment process is the following :
1 - They provide me a developper certificate (and the matching provisioning profile) ;
2 - I build an xcarchive signed with this certificate ;
3 - they deploy the xcarchive with their production certificate.
This works fine when developing native application in Xcode, because there is no restriction for signing an archive with a developper certificate.
But with Appcelerator Studio/CLI, the only way I've found to generate an xcarchive is via the Package deployment with the Studio. But this require a production certificate, and I don't have any.
Is there another way to create this archive with a developper certificate, so I can provide it to this company I'm working with ?
Thanks,
Not sure it is exactly what you are after. But if you run your app on a device it will generate an IPA file (in the /build/iphone/build/.... directory). Could you use that?
That is what I use to upload to installrapp for distributing tests :-)
/John
Related
I am trying to publish my app on the app store but I get this error. I have no idea where it is coming from. My certifications and signing are managed automaticaly by XCode. (Select is empty because I erased it on the screenshot)
Invalid Signature - A sealed resource is missing or invalid. The file
at path [AlphaBane.app/AlphaBane] is not properly signed. Make sure
you have signed your application with a distribution certificate, not
an ad hoc certificate or a development certificate. Verify that the
code signing settings in Xcode are correct at the target level (which
override any values at the project level). Additionally, make sure the
bundle you are uploading was built using a Release target in Xcode,
not a Simulator target. If you are certain your code signing settings
are correct, choose "Clean All" in Xcode, delete the "build" directory
in the Finder, and rebuild your release target. For more information,
please consult
https://developer.apple.com/library/ios/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html
https://developer.apple.com/library/ios/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html
I started a brand new project with Cordova, and I am still facing this error. As Always, Apple error are self-explained (irony). What do I have to do to fix this error ?
Thanks
I'm seeing the same thing in a project (on Xcode 9.2) with multiple targets (different version of a single app framework) - all targets pass except one. One of my apps continued to get this error. Perfect situation to look into why this is happening. I first thought it was the signature profile (development vs distribution certificate). Check that first.
But in my case, I had a few files that were not being used by the code that I had excluded from the build. When I added these resources my build passed. Check to see that all needed resources are included in the File Inspector panel. This includes code and media resources.
We have a project with an app main target and two extension targets: content extension and service extension. All of these have the exact same signing settings but I get this error when trying to create an archive in Xcode:
error: Embedded binary is not signed with the same certificate as the
parent app. Verify the embedded binary target's code sign settings
match the parent app's.
Embedded Binary Signing Certificate: - (Ad Hoc Code Signed) Parent
App Signing Certificate: iPhone Developer: XXXX XXXX (XXXXXXXX)
Obviously this is a keychain signing certificate issue. I had many older, expired certificates installed before and it compiled. Then I deleted all expired ones and now the builds fail. But the required certificates are installed and set properly in the project settings.
Time wasted on the issue: 2 days. Thanks Apple!
Can anyone point in the right direction here?
Found the solution here: Embedded binary is not signed with the same certificate as the parent app:
...
Make sure that your certificate is never ever set as Always Trust.
Access must be kept as Use System Default
I'm about to update my app that is now in App Store.But when I was preparing my updates development in Xcode, I accidentally revoked my certificates and I regenerate them. After regenerating all of my certificates, I made a ipaFile and I'm now trying to upload it to iTunes connect.But before that, I found that the Development provisioning file was invalid.(not the distribution one)
And I have about three questions with this situation.
•Is it necessary to regenerate my development provisioning files?
•And if I regenerate my development provisioning file, do I have to regenerate my ceritificates again?
•Are there any problems by uploading an ipa file while my development provisioning file is invalid?
Yes,you can generate Proviosing Profile.
Go to Developer Account ->Click on Invalied Proviosing Profile ->Edit ->Certificate select your developer Certificate -> Rename provisiong Profile -> Click on Generate -> Done -> Download
Please Follow Following Steps.
I have just finished an iOS app for a client, and have received a copy of their distribution profile (.cer format). I have dragged it into XCode as described in the docs from Apple. Now, I can select that profile for a distribution build, in the build settings for the project, but when I go to the target, I cannot select that profile? Any ideas on how to resolve that?
Also, is this the right way to go to create a distribution build, that the client can submit for approval?
Thanks!
- Lasse
You not only need their iOS Distribution Certificate, but the private key for that certificate as well (a password protected .p12 export from their Keychain will work).
You might want to install the client's certificates in a separate Mac User account as well (which will have its own Keychain), so as not to confuse your Keychain, since yours may already have your own certificates.
You need a copy of your client's signing identity. They can export it as a .p12 file from the keychain manager.
The instructions given in the Distribution page on the iOS Provisioning portal clearly still describe the process of creating, and including the Entitlements.plist file in a build for an ad-hoc distribution. The iOS Development Guide's Distributing Applications page, on the other hand, makes no mention of the Entitlements.plist file.
When I tried to "Build and Archive" our latest app following the instructions from the iOS Development Guide, the resulting ad-hoc app.ipa wouldn't install on my development device, due to a problem with the entitlements. When I rebuilt with the Entitlements.plist file, the new app.ipa installed fine.
Unfortunately, including the Entitlements.plist in the app.ipa means that the resulting build can't simply be re-signed and submitted to the app store - Right? Instead, I have to rebuild without the Entitlements.plist and submit the result to the app store.
I guess that I really have a few related questions:
Would the app.ipa produced as directed in the iOS Development Guide (no Entitlements.plist, just sign with the ad-hoc distribution provisioning profile) install OK on a non-dev device that was properly identified in the test distribution provisioning profile?
Is there any way for me to test the exact results of a "Build and Archive" on my dev machine, so that I can just re-sign it and submit it to the App Store from Xcode?
Will an app.ipa that explicitly includes an Entitlements.plist file be rejected if I did submit it?
Thanks!
As of Xcode 4.2 you no longer have to create an Entitlements.plist file when creating applications that do not require any special permissions to run. The get-task-allow entitlement is automatically set to true or false, depending on what kind of provisioning profile you sign your application with (Developer, Ad Hoc, or App Store).
ref:http://help.testflightapp.com/customer/portal/articles/535398-invalid-profile-distribution-build-entitlements-must-have-get-task-allow-set-to-false-
i just tried , no need entitlements for simply ad-hoc , simply using ad-hoc profile to archive and share , then fine .
From the iOS Developer library:
If you're doing an Ad Hoc distribution, you must properly configure your project to include an Entitlements.plist file and uncheck the get-task-allow checkbox (which sets it to False).
http://developer.apple.com/library/ios/#technotes/tn2242/_index.html
There's no issue with leaving the Entitlements.plist file in the Distribution build, I've had several apps submitted with it.
Actually, Entitlements.plist is also for other iOS features that your app may use:
Entitlements. These files define
properties that provide your
application access to iOS features
(such as push notifications) and
secure data (such as the user’s
keychain).
http://developer.apple.com/library/ios/#documentation/Xcode/Conceptual/iphone_development/115-Configuring_Applications/configuring_applications.html
Also check this answer:
The executable was signed with invalid entitlements
Get-task-allow is now called "Can be debugged" in Xcode 4.1 if you've used the modernization tool
I don't have answers to all your questions, but I needed to add an Entitlements.plist when I recently used ad hoc distribution for some testing. I think the documentation still talks about the 'get-task-allow' setting in the .plist, but when I followed the instructions exactly I had problems signing the app. Instead, I created an Entitlements.plist using Xcode's template. It has two or three settings, none of which are get-task-allow. I left it exactly as it was when created, and the build succeeded.
My experience in the past has been that apps submitted to the app store with an Entitlements.plist included failed the verification step.