Application failed code sign verification log interpretation - xcode

I've spent the last few hours trying to resolve this problem, and I'm not getting anywhere. At least I have a detailed report of the error, but I'm not sure how to interpret it.
Validate "/Users/brillig/Library/Developer/Xcode/DerivedData/Troll_Calendar-aiiisgrydufzgqacxoigzflbhwzv/Build/Products/Release-iphoneos/Troll Calendar.app"
cd "/Users/brillig/Desktop/Source Code/Troll Calendar"
setenv PATH "/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin:/Applications/Xcode.app/Contents/Developer/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin"
setenv PRODUCT_TYPE com.apple.product-type.application
/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/Validation "/Users/brillig/Library/Developer/Xcode/DerivedData/Troll_Calendar-aiiisgrydufzgqacxoigzflbhwzv/Build/Products/Release-iphoneos/Troll Calendar.app"
warning: Icon specified in the Info.plist not found under the top level app wrapper: (-19007)
Unable to validate your application. - (null)
warning: Application failed codesign verification. The signature was invalid, contains disallowed entitlements, or it was not signed with an iPhone Distribution Certificate. (-19011)
Executable=/Users/brillig/Library/Developer/Xcode/DerivedData/Troll_Calendar-aiiisgrydufzgqacxoigzflbhwzv/Build/Products/Release-iphoneos/Troll Calendar.app/Troll Calendar
codesign_wrapper-4.1: using Apple CA for profile evaluation
/Users/brillig/Library/Developer/Xcode/DerivedData/Troll_Calendar-aiiisgrydufzgqacxoigzflbhwzv/Build/Products/Release-iphoneos/Troll Calendar.app: valid on disk
/Users/brillig/Library/Developer/Xcode/DerivedData/Troll_Calendar-aiiisgrydufzgqacxoigzflbhwzv/Build/Products/Release-iphoneos/Troll Calendar.app: satisfies its Designated Requirement
test-requirement: code failed to satisfy specified code requirement(s)
codesign_wrapper-4.1: failed to execute codesign(1)
- (null)
I'll handle the icon issue while I wait for a reply. The app runs just fine on my iPad when I build it for development. I thought I did everything I needed to in order to send it to the app store, but I can't get past this. If there were a checklist somewhere of everything needing to be done that would be great, but it seems like such a thing doesn't exist.
P.S. OK Maybe I have some progress. I changed from automatic profile matching to manually setting the profile, and not I get an error that indicates a mismatch.
Provisioning profile 'Troll Calendar App Store' specifies the Application Identifier 'com.domain.foo.bar' which doesn't match the current setting 'com.domain.Foo-Bar'.
So where are those two values coming from? I suppose I just need to change one of them to match the other. Which one would be simpler to modify? I think at the time these values needed to be entered, I was under the impression that it wasn't that important what the names were, so I didn't pay special attention to ensure consistency.

Try creating a new Distribution Certificate.

I resolved the problem in the organizer by selecting Target, Info, and changed the bundle identifier name to match the reserved identifier.

I had the same error. The problem for me was that I did the code signing in the PROJECT settings. I found out the there are the same settings for the product TARGET.
There I set the iPhone Distribution certificate for my Distribution configuration.

Related

Error ITMS-90046 when using xcodebuild instead of Xcode IDE

I'm unable to get rid of "ERROR ITMS-90046" when building my app with xcodebuild and uploading using Application Loader. But it works fine if I archive and upload completely within Xcode.
The ITMS-90046 error message specifically complains about the "application-identifier" in my framework:
ERROR ITMS-90046: "Invalid Code Signing Entitlements. Your application
bundle's signature contains code signing entitlements that are not
supported on iOS. Specifically, value 'TEAMID.com.domain.Product'
for key 'application-identifier' in
'Payload/Product.app/Frameworks/MyFW.framework/MyFW' is not supported.
This value should be a string starting with your TEAMID, followed by a
dot '.', followed by the bundle identifier.
I tried all the solutions mentioned in This thread, but none of them worked for me. Luckily I am at least able to upload via Xcode, but this needs to happen frequently enough to become burdensome.
Any ideas what to try next? Anyone know if Apple is even aware of this issue?
Thanks!
The solution was to re define and download all apple developer certificates and import them all again to Xcode.

Failed to submit app to iTunes Store

I am having some problems when trying to submit my iPhone app to store using Xcode 5 that my app is always failed validation with below errors:
Apple's web service operation was not successful
Unable to authenticate the package: [My app id, ex: 123456789].itmsp
ERROR ITEMS-9000: "The bundle [Bundle ID, ex: com.myapp.mobile] at bundle path 'Payload/[My App Name].app' is not signed using an Apple submission certificate." at SoftwareAssets/SoftwareAsset (MZItmspSoftwareAssetPackage)
I am quite sure about settings (bundle id, certificate, profile, entitlement) because this is not first time I submit app to store, jut don't know why these issues come up, I have tried to search and found some related article but they don't help.
I have this issue for 1 week.
I just selected Standard Architectures in both Project and Target, and it worked for me.
I had the exact the same error, after hours of trying, adjusting all the parameters like the bundle ID or display name, etc. None of them worked.
Finally I got it work. Here is what I did.
I started all over by deleting all the records in keychain, certificates and provision profiles. And just added one certificate and profile for app distribution. There was only one record to make no confusion. And then boom, it uploaded successfully.
I guess my mistake was to submit multiple times of certificates or provision profiles earlier (although I deleted multiple entries but I did see something strange) because I thought the creation process was stuck so I refreshed the browser. Being patient in each steps will eventually saves more time! :) Good luck!
I got the same error today with xCode 7. I resubmitted with no changes and it went through. Probably Apple bug. I am letting you know that sometimes it is not an issue with our project/target settings.
As far as I can tell, this specific error is intermittent and not caused by anything in the app package. I think many of the answers here are people that saw this error, changed something, and saw the error go away, and assumed that their change made it go away.
I would suggest, if you get this error, just try again (worked for me). If it fails in this exact way a second time, and you have some theory about what will fix it, do that and try again. If that works, undo your fix and see if the failure comes back. In this way you will have proven that there was an identified root cause and a fix.
I don't know the cause, but I had the same exact issue crop up this week and just got things to work. I had checked the build, distribution certificate, provisioning profile. I went through all of the troubleshooting steps in Technical Note TN2250 -- no luck! However, I just got it to upload successfully. I happened to have an old Mac Mini that had Application Loader 2.5.1 on it. I created a zip file from the .app within the Payload folder of the .ipa, put this on a USB drive, and watched as it finally uploaded after trying about 50 times with both Xcode organizer and Application Loader v2.9.
Other people have reccomended reverting to a previous Application Loader version. Perhaps the web service endpoint uses a different (and properly working) certificate validation method for older AL versions.
I too have had the same problem and after many hours I managed to solve.
I finally fixed the problem. You needed to download the "Apple Root Certificate Authority" (http://www.apple.com/certificateauthority/) and put it in your login keychain & system, I also put your iPhone disitrbution certified in your system and set all keychian trust values ​​for all certificates to "system default". Finally went through!
For me the problem was in selecting the wrong iOS distribution code signing identity, where I was using a different team as the provisioning profile.
Probably make sure your Code Signing Identity is set to automatic, which will probably fix this issue.
In XCode 6.3, You have connect actual device and selected in the XCode.
I didn't see this listed on here, but I received this issue and realized that I already had a build for this specific Version # waiting for review on iTunes Connect. I rejected the build in ITC and then tried uploading the build again and it uploaded correctly after that. Just in case this could possibly help anyone else out there with this issue!

Codesign of Dropbox API fails in Xcode 4.6.3: "code object is not signed at all"

I have an OS X app that's distributed through the Mac App Store, and recently updated to Xcode 4.6.3.
When I run my regular build now, I receive:
Command /usr/bin/codesign failed with exit code 1:
/Users/Craig/Library/Developer/Xcode/DerivedData/Mac-dxcgahgplwpbjedqnembegifbowj/Build/Products/Debug/MyApp.app: code object is not signed at all
In subcomponent: /Users/Craig/Library/Developer/Xcode/DerivedData/Mac-dxcgahgplwpbjedqnembegifbowj/Build/Products/Debug/MyApp.app/Contents/Frameworks/DropboxOSX.framework
Command /usr/bin/codesign failed with exit code 1
I can't seem to discern any other changes in my project, so I can't tell if it's an issue related to the 4.6.3 update, or something else.
I have tried restarting Xcode, running a clean build, and cleaning the build folder.
I think I may have figured this one out. I've been running Xcode 4.6.3 on OS X Mavericks, under the impression that any build-specific tools were bundled in the Xcode application.
But, it seems codesign is in /usr/bin. Whether it's put there by one of the Xcode installers or comes with a vanilla system install, I'm not sure. But reading through the man page for codesign, I found this nifty option:
--deep When signing a bundle, specifies that nested code content such as helpers, frameworks, and plug-ins, should be recursively signed
in turn. Beware that all signing options you specify will apply, in turn, to such nested content.
When verifying a bundle, specifies that any nested code content will be recursively verified as to its full content. By default,
verification of nested content is limited to a shallow investigation that may not detect changes to the nested code.
When displaying a signature, specifies that a list of directly nested code should be written to the display output. This lists only
code directly nested within the subject; anything nested indirectly will require recursive application of the codesign command.
And then I found this post (https://alpha.app.net/isaiah/post/6774960) from two weeks ago (~June 2013), which mentions (albeit second-handedly):
#isaiah I asked a guy in the labs about it. He said codesign now
requires embedded frameworks to be signed separately before code
signing the app bundle as a whole.
Manually re-running the codesign command that Xcode normally runs, while adding the --deep flag to the end, signs the application properly.
I'm not yet sure exactly what ramifications this manual signing has, or whether I can tweak the Xcode build to add the --deep flag automatically, but this seems to be the underlying issue. (codesign no longer automatically deeply signs your app bundle.)
As highlighted in other answers, there is a change to the way code signing works. If you've installed any of the Xcode 5 DP's then the new tools will be being used even if you are using Xcode 4.6.X.
All you need to do at this stage (in Xcode 4.6.X) is take the --deep flag suggested above and add it into your code signing flags (Target, Build Settings) see image below.
For me, this problem was caused after dragging a folder named "resources" in my project. After changing its name into anything else(like "resourcessss" for example), the error disappeared.
I had the same problem, but the answer was simple: the code signing identity on my app was set to "-", so simply setting that to "Don't Code Sign" fixed me up.
"-" seems to be the default setting when you carry out some set of actions, although I can't tell you what those are.
This might help somone:
I finally figured out the solution by trial and error. In my case I had a folder name that matched the “Product Name” variable under build settings. This also matched the entire project name! So I simply changed one field. I changed the “Build Settings” -> “Product Name” . The value of MySpecialApp was changed to My-SpecialApp. That was simply it! I then logged back into the Apple developer portal and created a new App ID and mobile provisioning profiles for development and distribution and the rest is history. My releases now work when deployed via the Ad Hoc distribution.
A final note on this. This is definitely a bug that Apple should either alert the user that they have done something wrong and enable some sort of automated corrective action.
- See more at: http://www.chrisdanielson.com/2012/08/29/codesign-ipa-and-the-code-object-is-not-signed-at-all-problem/#sthash.F0nF3BbC.dpuf
For me it was a corrupted Framework PaddleMAs which:
1. I removed from my Cocoapods File
2. Ran pod install
3. Restarted my Xcode
and it solved the problem. For some reason a corrupted framework will prevent it being signed unfortunately XCode doesn't show this error really clearly and give you a good fix suggestion. Have raised a bug with Apple to fix.

Codesign check fails Xcode 4

I just created all new dev and deployment certs and I'm getting this weird error when I try to validate the application in the archive manager:
error: Codesign check fails : /var/folders/w_/dvqfkh916k12c5hn639qvvqw0000gn/T/oqhxIfU87c/Payload/TestUpload.app: valid on disk
/var/folders/w_/dvqfkh916k12c5hn639qvvqw0000gn/T/oqhxIfU87c/Payload/TestUpload.app: satisfies its Designated Requirement
test-requirement: code failed to satisfy specified code requirement(s)
I've looked all over to see how to fix this error but nothing seems to help for Xcode 4. I've followed the setup on the provisioning profile, however it doesn't seem to be updated for the newest Xcode 4 software (I've gotten this to work with previous versions of Xcode before archive manager was set in place)
Any help would be appreciated
I was testing using an old certificate cerated while ago and it did worked fine, but creating a new certificate using a new apple dev account wont work.
It seems like new certificates are created with issues from apple provisioning portal.
So, I guess there is not a problem on your app, and we just have to wait until they fix the bug.
If you're building dependent projects or libraries as part of the archive process, make sure that those targets are also being built with the App Store distribution certificate.
scoured this GUI looking for a "comment" but finding nothing - apologies if this gets posted as an answer.
I have spent the last 5 hours with that exact same error. Googling everything. Recreating certificates. Everything works when archiving, but then at the end I get the yellow triangle indicating the error. Using both wildcard and app specific distribution profiles that are recognized in Organizer as valid - I always get the error. You're not alone on this one and it is driving me insane - today was supposed to be the day we submit our app we've spent the last year on...
Will be watching this thread closely, can offer any further information from my end also if it will help any. If you find a solution Paradox, please post here as I am at my wits end and would be extremely grateful.
Are you sure you signed this with your Distribution profile and not your Developer profile? I think XCode 4.2 will give an error if you're trying to share an archive code signed with the wrong type of profile.
Some (old) information in this thread:
http://forums.macrumors.com/showthread.php?t=659607
I am having the same problem. Spent hours redoing certs, changing machines, changing versions of Xcode, making random changes that people have suggested, rebooting, changing icons you name it.
In Console there is a big dump of data related to the validation, if you're lucky it says something meaningful in there, it doesn't for me. Or at least nothing that I can understand :/
EDIT: The console outputs the command it runs but slightly butchered. It has a parameter R= but the output neglects the quotation marks around the argument. Running this command only outputs the just as helpful:
/var/folders/_x/XXXXXXXX/T/XXXXXXXX/Payload/XXXXXXXX.app: valid on disk
/var/folders/_x/XXXXXXXX/T/XXXXXXXX/Payload/XXXXXXXX.app: satisfies its Designated Requirement
test-requirement: code failed to satisfy specified code requirement(s)
Valid But Mismatched Certificates
This error can occur when submitting an application to the Mac App Store. The error occurs because one or more code signatures are valid but not signed by Mac App Store appropriate certificates:
Invalid Signature - The nested app bundle FRAMEWORK at path APPNAME.app/Contents/Frameworks/FRAMEWORK.framework has following signing error(s): valid on disk /Volumes/data01/app_data/dstr/mz_4939925606610311185dir/mz_6704668226144376567dir/eu.miln.beyond.mas.pkg/Payload/APPNAME.app/Contents/Frameworks/FRAMEWORK.framework/Versions/A: satisfies its Designated Requirement test-requirement: code failed to satisfy specified code requirement(s) . Refer to the Code Signing and Application Sandboxing Guide at http://developer.apple.com/library/mac/#documentation/Security/Conceptual/CodeSigningGuide/AboutCS/AboutCS.html and Technical Note 2206 at https://developer.apple.com/library/mac/technotes/tn2206/_index.html for more information.
The solution is to re-codesign the application bundle making sure to use a Mac App Store application certificate.
Codesign
Use the codesign -d -vvvv <app.path> to check the signing certificate is correct.
If you have a complex signed application with mixed certificates or non-Mac App Store certificates, you can use the codesign flag deep to recursively resign the entire bundle:
codesign --force -o library -s '3rd Party Mac Developer Application: Your Organisation (000AAA000A)' --keychain '/absolute/path/to/mac-app-store.keychain' --preserve-metadata=identifier,entitlements,flags --deep '/absolute/path/to/APPLICATION.app'
Note the --preserve-metadata=identifier,entitlements,flags options. These are important to avoid overwriting or changing the associated entitlements and bundle identifiers.
Ideally, the deep flag should not be used but it can be useful to fix problems.

Code Signing "Application failed codesign verification. ...."

a few days ago I finished with my first app. Now I want to uplaod the app with the Application Loader but than one error appears:
Application failed codesign verification. The submission was invalid signature, or it was not signed with an Apple certificate. (-19011).
Xcode Log:
warning: Application failed codesign verification. The signature was invalid, or it was not signed with an Apple submission certificate. (-19011)
Executable=/Users/Paul_Lischewski/Desktop/TapMap for iPad/build/Release-iphoneos/TapMap for iPad.app/TapMap for iPad
codesign_wrapper-0.7.10: using Apple CA for profile evaluation
AssertMacros: signer, file: codesign_wrapper.c, line: 610
AssertMacros: profile, file: codesign_wrapper.c, line: 918
codesign_wrapper-0.7.10: Failed to load provision profile from: /Users/Paul_Lischewski/Desktop/TapMap for iPad/build/Release-iphoneos/TapMap for iPad.app/embedded.mobileprovision
- (null)
I've tried everything, deleted and re-installed certificates, created new App-IDs...
I use Xcode 3.2.6 and SDK 4.3. Here you can find photos of my problem:
apps-development.info/Foto 1.jpg
apps-development.info/Foto 2.jpg
Thank you for your answers.
For the error -
Application failed codesign verification
that occurs during Xcode Archive Validation or Submission with App Loader, look to the Xcode build log at Product > Archive time for a build warning by the same title and expand that for the root cause.
The root cause is not always an obvious explanation, but should guide you at least with additional search terms or troubleshooting ideas. For example, if the root cause is:
test-requirement: failed to satisfy code requirement(s)
it almost always indicates the app has been signed with the wrong certificate i.e. using an iPhone Developer profile instead of an iPhone Distribution Provisioning Profile.
If you did not build your app using Xcode then you may not be able to attain the root cause, but either way continue to Apple's complete list of potential causes of this error linked here.
You have a space in your app name.
There are many possible causes of the -19011 code verification error (as evidenced by the dozens of near identical stackoverflow questions about it). The specific cause is hinted at in the detail of the message (see Apple Technical note TN2250 advice on the -19011 issue for details)
In my case the error detail contained the phrase "Failed to load provision profile from:" after which I discovered that having spaces or special characters in the app OR the xcode scheme name can cause codesign verification fail.

Resources