Develop Reference

Appcenter iOS install error "this app cannot be installed because its integrity could not be verified"

I see that this question has been asked many times but I see no solution that works for me so I'm hoping that providing more info might shed some light.
We use appcenter.ms to test iOS apps. Until our iOS certificate expired this method worked fine. We generated a new enterprise certificate and ad hoc provisioning profile for new releases of the iOS app. Which led to the first curiosity.
I see how to upload a certificate on appcenter.ms but not a provisioning profile. I thought there was an option to do this in the past but perhaps I am mistaken. However, the app is signed with a provisioning profile before upload, so perhaps this is not needed now.
Once the app is uploaded, it can't be installed. It remains grey and when you tap it, you get the "this app cannot be installed because its integrity could not be verified" error. Again, that the .ipa is created with an ad hoc certificate and profile in Xamarin (VS for Mac).
Also, I can't install the provisioning profile on a device from appcenter.ms. You basically get stuck in a loop where you seem to successfully install the profile but have to keep doing it because it never actually installs.
I hope this is enough info for some insight and thanks in advance for any feedback.

We were able to solve this by redoing and downloading development certs and via
And also downloading and double clicking the apple development certificate here
After that our keychain showed both as trusted and we could build to the iPhone again.

The issue can be the your device is simply not registered on the developer portal and/or that ad-hoc provisioning profiles have not been regenerated.
You need to register your device, regenerate a provisioning profile with this device in it and rebuild your app using this profile.

This can also happen because of
Developer ID Notary Service - Outage
which can be checked on https://developer.apple.com/system-status/
Notarization is well explained here:
Notarization gives users more confidence that the Developer ID-signed
software you distribute has been checked by Apple for malicious
components. Notarization is not App Review. The Apple notary service
is an automated system that scans your software for malicious content,
checks for code-signing issues, and returns the results to you
quickly. If there are no issues, the notary service generates a ticket
for you to staple to your software.

Work around fix:
Select your app.
Navigate to TextFlight tab
Create External Testing group
Add one tester
Add build which you want to download using TestFlight
Open TestFlight and download an app.

In my case this was caused by trying to include an entitlement for aps-environment "development" when using an Ad-Hoc provisioning profile. The value for this environment in Entitlements.plist must match what is hard coded into the provisioning profile file - if you open an Ad-Hoc profile in a text editor you will see it expects the "production" environment.
The possible solutions depending on your requirements are to either use the Development profile/certificate, or change the aps-environment to "production" to continue using an Ad-Hoc provisioning profile.
It can also happen if you have other incorrect entitlements - worth checking what entitlements are enabled under the Identifier in Apple Developer portal and removing unnecessary ones.

I had this issue because when building the app on xCode for distribution (Product->Archive then Distribute App), I chose automatic signing. After manually signing the app and choosing my own generated certificate and profile, everything worked again fine.

I removed the Entitlements file from the Addition Resources in iOS Bundle Signing and it worked.
I think the MSAL configuration was set to debug in entitlements.plist

I have also face this issue before but for me the reason was little different
First the build was enterprise one and the build was made on the earlier Xcode version on which the iOS version you are using on the device was not supported by the Xcode.
All I did was to update my Xcode and make a new build and shared the build. After that we were able to install that build over device Hope it works for you as well

This is how I solved for myself.
In you iPhone Settings > General > VPN & Device Management you should see your company name (if an app from it is installed), and if you click on it, you will see a button like "Verify" above the list of apps installed provided by the company. Just click on "Verify".

Xcode Signing - Failed to create provisioning

Here's the story:
I created a free developer account to build an app for a client.
I used this info for the Identity and Signing:
It came time to upload the app to TestFlight and to use the client's developer account.
I created the account in xcode using their apple id and updated the signing like so:
But now I got this error.
It was clear, so I updated the Bundle Identifier to this:
But again, now I am getting a different error, and I don't know what to do.
I do not have an iOS device to register, nor do I care to get one, since I'm not doing the testing - they are.
I did create an app in the App Store Connect, and it is set up like so:
As you can see I created it to match the Bundle ID from before and still no luck.
Any help is greatly appreciated. I just want to be able to get my Xcode project onto TestFlight using someone else's developer account (with their consent of course).

It needs to have at least one iOS device registered in order to create the development profile. Ask your client for the UDID of one of their devices and add that manually to the developer portal. If they don't have one handy, feel free to use: f978c5f2e861f71b340125a4fa8d130a6254a0b3 which will work.
Alternatively, switch to manual signing and do everything manually. That's my preferred method, but some say Xcode is finally good at managing profiles etc for you.

The only way to do this without a device is to turn off "Automatically manage signing" and manage everything at the Member Center.
You will need the distribution identity / certificate first. If the team already has one, you will need them to export it to you; otherwise you cannot upload.
Then register the app.
Then make a development certificate, and a distribution certificate for the app store, and download and install them.
Now you can archive and then export to the app store.

Distribution certificate / private key not installed

Using Xcode 9.1, after building an iOS app, I want to archive it and upload it to the appStore for beta-testing.
But I get the following issue after clicking the button Upload to the App Store... and choosing Automatically manage signing:
"My Name" has one iOS Distribution certificate but its private key is
not installed. Contact the creator of this certificate to get a copy of the private key.
I do not know why this "private key is not installed", but the Distribution certificate may have been created on a different computer or something. In any case:
What is the simplest way to retrieve the missing private key and install it? In order to make things work.

Up to date (January 2021) (Xcode 10 - 12)
Go to Xcode - Preferences - Accounts - Manage Certificates
Click on the + at the bottom left, then Apple Distribution
Wait a little, then click Done
That's all.
You may want to revoke the old certificate on developer.apple.com too.
Old answer
Step 1: Xcode -> Product -> Archives ->
Click manage certificate
Step 2: Add iOS distribution

You can only have one distribution certificate. It unites a public key, known to Apple, with a private key, which lives in the keychain of some computer. If this distribution certificate was created on another computer, then the private key is on the keychain of that computer. And this distribution certificate does not work without it.
So to use this distribution certificate on this computer, you must find that computer, open Keychain Access, locate and export the private key, mail it or otherwise get it to this computer, and import it into the keychain of this computer.
If you go into the Accounts pref pane in Xcode and double-click your Team, you'll see a dialog that gives you help with this. If you see your distribution certificate and it says Not In Keychain, you can control-click that certificate to get a menu item that lets you email whoever created the certificate and ask them to send it to you. That person can use this same import to choose Export Certificate and can email you exported certificate.
Either way, the private key or exported certificate will be passworded. You'll need to know the password in order to use it.

This answer is for "One Man" Team to solve this problem quickly without reading through too many information about "Team"
Step 1) Go to web browser, open your developer account. Go to Certificates, Identifiers & Profiles. Select Certificates / Production. You will see the certificate that was missing private key listed there. Click Revoke. And follow the instructions to remove this certificate.
Step 2) That's it! go back to Xcode to Validate you app. It will now ask you to generate a new certificate. Now you happily uploading your apps.

Add a new Production Certificate here, then download the .cer file and double click it to add it to Keychain.
All will be fine now, don't forget to restart Xcode!!!

EDIT: I thought that the other computer is dead so I'm fixing my answer:
You should export the certificate from the first computer with it's private key and import it in the new computer.
I prefer the iCloud way, backup to iCloud and get it in the new computer.
If you can't do it with some reason, you can revoke the certificate in Apple developers site, then let Xcode to create a new one for you, it'll also create a fresh new private key and store it in your Keychain, just be sure to back it up in your preferred way

People's answer here about having the key from the computer is generated are accurate. But if things are still failing, try restarting Xcode after installing a cert

revoke all distribution certificate for developer.apple.com and the validate your app in Xcode there will be the option to create a new distribution certificate after you can export key for further use.
This work for me.

Just for anyone else who goes through this, the answers above are correct but it can still be a bit confusing especially if you have multiple certificates. These were the steps that I took:
First take note of the date in the actual distribution certificate that is missing its private key. Then go to the keychain application on the other computer and type iOS in the search bar. It will show all of your iOS Developer and Distribution keys so you have to find the right one.
Click the right arrow of each iOS Distribution entry to reveal the certificate and find the one with the correct date and export that one by right clicking and selection export.
Then just import it in the keychain of the new computer and at least with Xcode 9.3 it immediately recognizes it and corrects the error so you can now upload your achieve.

If you are using the certificate in a new computer or not. The easiest thing to do would be to revoke the previous certificate relating to the project. Then re-upload to the store. Xcode will generate a new one.

In my case Xcode was not accessing certificates from the keychain, I followed these steps:
delete certificates from the keychain.
restart the mac.
generate new certificates.
install new certificates.
clean build folder.
build project.
again clean build folder.
archive now.
It works That's it.

i tried all mentioned solutions available on the internet but no solution working on my Mac, then i created a provisioning profile manually on apple developer website from certificates and identifiers. By importing that file manually app successfully uploaded on appStore follow below steps
On Developer website
1-go to this link https://developer.apple.com/account/resources/certificates
2- In profile Section create new profile by using app bundle identifier
3-Download it and save it an where
On Xcode
1-Go to Signing and certificates
2-Disable automatically manage signing
3- Select provisioning profile in its section
4- Archive the app
5-Click Distribute App ->ApStore connect ->Upload->Next-> Then Select Profile from XXXX-app section when it download it show inside this section and now upload it

Click on Manage Certificates->Apple Distribution->Done

In my case, after revoking the old certificate and creating a new one, Xcode was showing the same error (I've done a clean build and removed the derived data folder).
In that case, try to manually manage signing.
After that, check the second field and set the appropriate one.
Note: After uploading the build, I needed to wait for 15 min to see my build in the app store connect.

Adding to the above answers,
If you have admin access on this account create new certificate and use it to publish. I just did that and it passed.
1- Create new Certificate Signing Request (KeyChain Access > Certificate Assistant ) and save to the disk
https://help.apple.com/developer-account/#/devbfa00fef7
2- Login into your apple developer account > Certificates and Identifiers > Click + to add new certificate)
3- Upload the signing cert you created in step 1, click next and download the certificate
4- Double click the certificate to install it. Make sure it is trusted and showing "This certificate is valid".
5- Try to archive again now and choose automatic signing.
That should do it.

just click "manage certificates" -> "+" -> "iOS distribution"

go to this link https://developer.apple.com/account/resources/certificates/list
find certificate name in your alert upload then
Revoke certificate that
if you have certificate you download again
upload testflight again

If you are being stuck on this problem. After switch the computer and not able to upload your build to App Store. Simply click manage certificate on the error page, the + plus on the bottom left corner and create a new distribution certificate. Then you'll be good to go.

I am also facing the same issue in xCode (v12.4) and created two more distribution certificates but nothing get worked for me.
Solution : Restarting xCode seemed to do the trick for me.

I was facing the same problem with Xcode v11.3
Upgrading to Xcode 11.6 solved the problem for me

This can happen if your MacBook has a battery issue and powers out unexpectedly. Your date is reset to an old date and if you opened XCode, it probably recorded that date and that may have caused the signing issue with certificate.
THIS IS HOW I RESOLVED IT
Went to Settings and set the correct date and time.
Clicked on the XCode option on the top left.
Clicked on Quit XCode.
Restarted the MacBook.
I reopened XCode, archived my app and it had no issues with the signing certificate.
I hope it works for you. An upvote if it does.

Transferring Apple dev account & certificate to new machine

I've recently attempted to transfer my apple dev certificate to a new mac, however, the provisioning profiles are appearing as valid signing identity not found.
I imported my developer account into Xcode5 and when I deploy a build, I get the option to fix the issue of not having a valid signing - this generates an iOS team provisioning profile for the bundle id.
So far have found this is fine for testing - we distribute ourselves not using the app store.
If anyone would be able to give me a heads up on whether this is an okay method, or whether I will need to generate a new certificate for distribution in case we do use the app store for distribution.

If you still have access to your previous computer, you can export as p12 the private key you used to generate the Apple certificate.
Go to keychain, select the iOS certificate and right click to export it. Then import it to your new computer and you do not need to generate new certificates.

what you need to do is to remake the developer and distribution certificates for your new mac and install it then, you update your provision profile with the new certificate, reinstall it and everything works
PS: for remake your developer and distribution certificates you have to go in the keychan
Certificate Assistant > Request a Certificate From a Certificate Authority..
then add your email and common Name, check Saved to disk. Finally Into the developer web site you remove your old certificates and create the new one with the new file that you have in the disk.

Did you export from Xcode → Preferences → Accounts like Apple's guide suggests?
Did you also export your private key from the keychain? I have seen this issue before, and that was resolved by exporting and importing the private key.
If you do want to distribute on App Store later on you will definitely need to import a valid certificate, yes.

here you can find a solution or ask your problem to a developers Apple support:
https://developer.apple.com/support/
Other way you can call the developer support center here:
https://developer.apple.com/contact/phone.php

Add Developers in Xcode

Assume I have an Xcode project running on Github and multiple developers. I have a new developer who will clone the git repository and start working on the app. I want to add his iOS devices as devices that can run the builds without having to reissue certificates and do all that long process on the iOS Dev Center. How can I do that? I want him to clone the repo, connect his device to Xcode and be able to run the app on his device.
Thanks

If he is a paid iOS developer and there is no reason to use a specific provisioning profile you won't need to do anything. Xcode can automatically provision his device when he compiles it. Just use the automatic profile selection for your development builds in the build settings.
If it is important that you both use the correct provisioning profile (for example to test push notifications) there is no way around adding his device to the profile on the developer portal. Plus you will need to let him sign the binary as you, using your developer certificate and private key (which you will have to export from Keychain on your development machine).