Just as when I was "validating" my app in Xcode organizer, I have got these two messages:
"The Bundle ID Txxxxxxxxxx.com.xxxxxxxx.xxxx defined in your Xcode Project does not match the Bundle ID that you entered for this app in iTunes Connect xxxxxxxxxxx.xxxxx."
and
"Application failed code sign verification. The signature was invalid, contains disallowed entitlements, or it was not signed with an iPhone Distribution Certificate."
Basically, I just wanted to submit an app that has been rejected by Apple again, but I mess up things by changing developer distribution, provisioning profiles, in fact, I don't even know when I did with the whole uploading process. I am very new to developing, please some experts suggest me what to do will be the best. I will be checking back frequently. Thanks.
Related
This issue only started after updating to Xcode 13. Never had it under 12.x and no other changes. I am tying to send an Archive to Appstore Connect for a client. I have the "App Manager" role which has always been enough for this activity. However, when trying to send or even validate in Xcode, I receive an error related to "locating signing assets" with the log indicating the following:
2021-10-02 18:18:38 +0000 [MT] Failed to locate signing assets with
errors: (
"Error Domain=DeveloperAPIServiceErrorDomain Code=5 "Communication with Apple failed."
UserInfo={IDEDistributionIssueSeverity=3,
NSLocalizedRecoverySuggestion=You are not allowed to perform this
operation. Please check with one of your Team Admins, or, if you need
further assistance, please contact Apple Developer Program Support.
https://developer.apple.com/support,
NSLocalizedDescription=Communication with Apple failed.}",
"Error Domain=IDEProfileLocatorErrorDomain Code=1 "No profiles for 'com.company.app' were found"
UserInfo={IDEDistributionIssueSeverity=3, NSLocalizedDescription=No
profiles for 'com.company.app' were found,
NSLocalizedRecoverySuggestion=Xcode couldn't find any iOS App Store
provisioning profiles matching 'com.company.app'.}" )
I have tried to remove my account from Xcode and re-add, but to no effect. Again, I have had the App Manager role forever and never had a problem until upgrading to Xcode 13. I was thinking of having him elevate me to "Administrator" but that really should not be necessary. I also created a new distribution cert through Xcode (no errors there) but that didn't help either.
As an update. I went the manual route and created a profile and chose to select it manually rather than having Xcode handle it automatically. That worked. However, of course it should not have to work that way and I still don't understand why the automatic method is failing.
Anything else I can try?
It seems an Apple issue with the automatic sign-in process with Xcode 13. But maybe it's a wanted behavior for Xcode 13 using cloud base certs instead of the local ones.
Here's my story looking for a solutions for this.
I can confirm that downgrade back to Xcode 12 or switch to the manual signing way all works fine
Someone says that doing that:
Switch "automatically manage signing" in the project or re-select
Team. Make sure the changes appear in the project file:
CODE_SIGN_IDENTITY = "Apple Development"; CODE_SIGN_STYLE = Automatic;
May solve the issue, but it didn't work for me.
It seems that Xcode 13
In Xcode 13 or later, Xcode will cloud sign any apps or software for
distribution when you’re using the Xcode Organizer archive and
distribution workflow. Additional permissions are available in App
Store Connect to enable Admins and Developers to sign apps and
software with these certificates.
So I ended up enabling Access to Cloud Managed Distribution Certificate in App Store Connect -> Users and Access for my account, as Jane Doe said in this thread.
And that did solve the issue.
Here are all my references:
https://developer.apple.com/forums/thread/690763
https://developer.apple.com/forums/thread/688626
https://help.apple.com/developer-account/#/dev8e84490b9
I'm trying to submit a Mac Catalyst app for the first time, but the upload keeps failing with this error message:
ERROR ITMS-90283: "Invalid Provisioning Profile. The provisioning profile included in the bundle maccatalyst.com.arlomedia.setlistmaker [maccatalyst.com.arlomedia.setlistmaker.pkg/Payload/SetListMaker.app] is invalid. [Invalid 'com.apple.application-identifier' entitlement value.] For more information, visit the macOS Developer Portal."
This happens if I manually or automatically sign the app. With manual signing, I have a new macOS App Store provisioning profile that I created as a Mac Catalyst profile using the associated iOS app ID. This shows as valid in the provisioning portal, and I can build (archive) the app just fine with this profile selected:
When I go through the submission process in the Xcode organizer, I have to "Import" the provisioning profile every time (I downloaded the provisioning file, and just select the downloaded file here), which is odd:
But after I select the file, I can click its info icon and everything looks correct:
Then I proceed with the upload, and when the progress bar reaches the end, the error appears and the submission fails.
The error message indicates something is wrong with the application-identifier, but I've checked this everywhere I can find it and it looks correct. I'm using automatically derived bundle IDs, which prefixes "maccatalyst" onto my iOS bundle ID. In some places where this appears, the ID is also prefixed with the App ID Prefix from the apps Identifier record in the provisioning portal. The screen shot above shows the last letter of the App ID cut off, but I think that's just the display in Xcode; if I open the provisioning file, the full ID is listed.
I have another app I've been working on at the same time and I was able to submit it successfully. I opened the archived .app files for both projects and compared the embedded provisioning profiles, and the only differences are things I would expect, like the app name and export time. The application-identifers and bundle IDs are formatted the same way, with the correct app prefixes. I also compared the info.plist files for the two apps and didn't see any significant differences there, either. The other app also required me to select the profile during the submission process, so it seems like that's not a problem (although with my iOS submissions, the profile name appears there automatically).
When I turn on automatic signing, some upload steps are skipped, but I get the same error message at the end of the upload. If I use the Validate App button instead of the Distribute App button in the Xcode organizer, I go through the same steps and get the same error message.
I've compared the setup of the app IDs and profiles of both apps, the signing settings, the build settings, the App Information pages in iTunes Connect ... everything is set up the same way. Does anyone know what else I should check?
I finally got this to work by giving up on the automatically derived "maccatalyst" bundle ID and using a custom bundle ID. Here are the steps I took:
In Xcode, turn off the "Derive Mac Catalyst Product Bundle Identifier" build setting.
Edit the "Product Bundle Identifier" build setting and add a separate bundle ID for the macOS platform. (screen shot 1)
In the iOS Provisioning Portal, edit the App ID for the associated iOS app and turn off the Mac Catalyst option.
Create a new App ID for the Mac version of the app, and enter the new macOS bundle ID.
Create new development and distribution profiles using the new App ID. When creating the profiles, these must be Mac Catalyst, not Mac, profiles. Xcode would only accept Mac Catalyst profiles when validating. (screen shot 2)
In App Store Connect, edit the macOS app record and change the bundle ID from the maccatalyst ID to the custom ID. This was still editable because I hadn't yet successfully uploaded a binary.
My new profiles now appear as Eligible on the Signing & Capabilities tab in Xcode, but they do not appear as options on the validation page when submitting. However, as with my original setup, I can click the Import Profile option there and select the file downloaded from the provisioning portal.
Note that this is the setup to use if you do not want Universal Purchase. If you do want that, you would need to use the same bundle ID as for the iOS app, and you might need to wait until Xcode 11.4 is released in order to submit the app with that setup. I'm not sure about that, but I am sure that you cannot submit apps with the Xcode 11.4 beta, because I tried it. (screen shot 3)
I didn't try automatic signing with the custom bundle ID setup. I think that would work because I think somehow the problem was related to the automatically derived bundle ID. That is basically deprecated with the upcoming Xcode 11.4 and Universal Purchase capability, so I suspect that a change on Apple's end has broken the validation of that style of bundle ID, perhaps only in limited cases that affected my app due to some factor that neither I nor Apple were able to identify.
Custom bundle ID settings:
"Profile is not a 'Mac Catalyst App Store' profile":
Cannot submit from Xcode beta:
I found this document:
Technical Q&A QA1710: Why do I get an "Invalid application-identifier Entitlement" error?
It states:
In modern versions of Xcode, you don't need to supply a value for this entitlement yourself, so the error can be avoided by simply removing the application identifier entitlement from your custom Entitlements.plist.
Xcode builds the application identifier entitlement for you based on the Bundle Identifier property defined in your Xcode project's Target > Info tab, so setting the correct Bundle Identifier in Xcode is imperative.
I don't have either of those problems, but maybe it will help someone else receiving this error.
While trying to export a Developer ID Signed Mac application with Xcode I run into this error: "Missing Developer ID Application signing identity for (null)" How do I resolve this?
I struggled with this issue for a while so wanted to post what I found in case others run into a similar issue. I ran into the above issue after revoking my certificate while trying to export my build from a friend's machine. I found the best support by going step by step through this link:
https://developer.apple.com/library/content/documentation/IDEs/Conceptual/AppDistributionGuide/DistributingApplicationsOutside/DistributingApplicationsOutside.html
I would recommend following the steps in this link for anyone uploading a build to the Mac app store or exporting a Developer ID Signed Mac application.
There is a certificate called "Developer ID Certification Authority", this seems to be the one I was missing, and which caused the most trouble.
Another interesting thing to note is that the 10 digit letter/number ID for your Team/Distribution profile will be different than the ID for your developer profile. This should not throw you off, these two profiles work together.
Another good thing to know is that at the top of developer.apple.com there is a non-obvious drop down menu that lets you switch between iOS, tvOS, watchOS profiles and MacOS X profiles.
Another non-obvious UX issue when dealing with certificates is the system tab within Keychain Access. If you read that you should delete or change a property both within Login and within system, when they write system, they are referring to the system tab, which can be accessed within Key Chain access and can be seen at the bottom of this image:
This link is also helpful for certificate trouble shooting:
https://developer.apple.com/library/content/documentation/IDEs/Conceptual/AppDistributionGuide/Troubleshooting/Troubleshooting.html#//apple_ref/doc/uid/TP40012582-CH5-SW11
But mainly just go through the steps in the first link given for exporting a Mac App with Developer ID Signing.
Last week, with Xcode 7, I was able to upload without any issue. But today I am getting the message your app has changed to invalid binary.
I have seen that now with Xcode 8 a new icon 20x20 2x and 3x is added. I added one, but still getting the error.
Does anyone had similar problem?
Сheck your email!
In my case, I wasted a lot of time because I did not check my email. When you get such an error, Apple sends you an email with it's description.
For example, this is what Apple sent me:
"This app attempts to access privacy-sensitive data without a usage
description. The app's Info.plist must contain an
NSCameraUsageDescription key with a string value explaining to the
user how the app uses this data."
After days of wrestling with the same problem I finally got my app successfully submitted, but only after being on the phone with Apple Developer support.
A couple of things to keep in mind:
Make sure you set the Info.plist description keys for any entitlements. This is necessary for iOS apps. Mine was a macOS app, so this didn't apply.
Head over to iTunes Connect, and recreate all your provisioning profiles and code signing certificates if you're not 100% sure that they're valid. You can do it for both Developer and Distribution.
In Xcode, turn off automatic code signing for your app, and any build targets (you can try automatic code signing in Xcode after completing steps #2 and #4 but that wasn't what worked for me).
Go to Xcode preferences, and click your development team, and in the sheet that comes up, you should see some "Download" buttons beside the newly created (in iTunes Connect) code signing certificates and provisioning profiles. Click them all. And so you don't get confused in step #5, delete all the other stale provisioning profiles and code signing identities for this app.
In Build Settings for each of your targets, make sure that the Release build setting for code signing, and provision profile are set to the above newly created code signing certificate and provisioning profile.
Bump your build number.
Deep clean your project (Option-Shift-Command-K).
Archive build your app.
In the Organizer that opens up, select the newly archived app, and validate (it always validated, but I still would get Invalid Binary later).
Export the build and select the option "Save for Mac App Store Deployment" or similar.
When prompted, use the same Provisioning Profiles you used previously and save.
Open the .pkg in Application Loader which you can launch from Xcode > Open Developer Tool > Application Loader menu.
I was't getting any emails on the Invalid Binary issue. Instead, I was lucky enough to have set up my iPad with iTunes Connect, and so, like clock-work, I was getting notifications within a couple minutes of uploading the app: "Your app ... has changed to Invalid Binary."
If you don't get one of these Invalid Binary notifications, that's a good sign. Another 10-15 minutes later, I checked the iTunes Connect portal, and I could finally add the uploaded build and submit for review.
After a while of searching, as a last-ditch effort I added every possible 'NS...UsageDescription into each of my target's Info.plist and this seems to have worked. After process of elimination, I deduced that it was either the NSAppleMusicUsageDescription or the NSFaceIDUsageDescription key-string pair that was preventing the upload from being successful so I just added them even though I don't use either in my project. I have also read on some other threads that something with a new version of Xcode required them to have the NSAppleMusicUsageDescription even though they didn't use anything related to Apple Music.
I know that there are many articles all over the Internet about this, but no matter how hard I try, I can't find an answer to this question:
I want to submit my finished app to the iOS App Store. I just archived my iOS application in Xcode 4, and I clicked the "Validate..." button in the Organiser. When the app is validated, Xcode tells me this:
Application failed codesign verification. The signature was invalid, or it was
not signed with an Apple submission certificate.
I have a distribution profile that I used to codesign in the target app.
I am not using Application Loader because it is telling me that
Application Loader is currently unavailable... an error occurred talking to the
iTunes store
But the question is, what is wrong with my app, and how can I fix it.
Thanks in advance.
check 2 things in the build log (detail view), search for "embedded.mobileprovision" to see if it's embedded, and check under "CodeSign" if the certificate is the one that you are using for distribution.