Apple Push Certificates - ios

My app has 3 provisioning profiles:
Ios development
Beta
Release
First one is used for development, second for test flight and third for the app store.
Also there are 2 App IDs
com.sansasystem.dribble
com.sansasystem.dribble-dev
Ios development and Beta profiles both use com.sansasystem.dribble-dev.
I enabled push notifications capability and generated sandbox APNS certificate.
However, pushes do come when I sign the app with Ios Development profile, but don't when signed with Beta.
Is it something I did wrong?

You need to compile the app and also use the same cert & prov-profile to sign with "com.sansasystem.dribble-dev" for the beta app.
The push notification and cert is tied to the single bundle ID and the app compiled and bundled profile. If you are looking in bundle settings for XCode project, do check that the Automatic provisioning is not selected. Mostly due to this the profile may get auto-generated and not with APNS.
Also, check the Beta Target "Capabilities" tab is enabled for Push notification button turned on.
Lastly, check the Profile used by the actual beta target. Go to Project Build Settings --> General tab --> in that there is a profile drop down and next to that the (i) button, click that and you will be able to read the profile details and info related to the prov-file used.
If that is not same as the one you have created then I suggest use the Manual signing way and untick the automatic provisioning profile check box to make life more specific to get the error.

Related

Xcode: push notifications to build on device work but not to TestFlight/App Store install on same device

I've realized that I can test push notifications in development and prod builds on local devices- but they don't work with real installs from TestFlight/App Store.
I think this has to do with Xcode's signing of builds vs. archives, but I cannot figure out what to do to fix my current configuration. I use the Xcode auto signing, FYI.
I use Mixpanel for event tracking and notifications, which also lets me confirm the device token is being retrieved successfully. I have my production push certificate uploaded there.
If I have a build running on my device, I can grab the token from a log message and send a push to it (using my prod push certificate) with a different utility called Pusher- this works perfectly.
However, if I download my app from TestFlight or the App Store, start it, get the resulting token from Mixpanel, and send another notification via Mixpanel, it never shows up. Going back to Pusher, if I attempt a push with the token from Mixpanel, I get an APN invalid token error.
Both of these tokens were grabbed the same way- immediately after the user agrees to notifications or the push plugin finishes setup. They were also grabbed on the same code- but one from a running Xcode build, the other from an archive on the TestFlight.
Project setup- I have the Push switch set to on in the Xcode Capabilities menu, and I've generated push certs for dev and production (well, 2 for prod by accident. I figured it was fine):
I also have the Distribution and Dev provisioning profiles created. This is where my question lies- I read that Xcode doesn't use the Distribution profile you create until archiving, and uses it's own until then if you have Automatic Signing selected in the code signing settings.
Is that why I have 2 profiles here? The one I created shows as Active & also lists Push Notifications under services if I expand the entry below:
The cert my production provisioning profile is signed with is an iOS Distribution certificate that matches the team I have selected for signing:
While writing this up I realized that maybe my release build settings, specifically signing, were wrong. I though they should also be using my Iphone Distribution: MyCompany Inc (USA) certificate (instead of the default iOS Developer identity), since my Distribution provisioning profile is signed with that same certificate. Unfortunately this doesn't seem to work either.
If my build settings look like this (or if I select the generic iOS Distribution from the dropdown for Release identity):
I can't actually build- I get an error that there are conflicting provisioning settings. If I use the iPhone Distribution: MyCompany Inc (USA) certificate just in the Release line (not the Any iOS SDK line), I can create an archive, but I see the same behavior.
I thought for sure this was it, since I've been using my MyCompany Inc (USA) development team for provisioning when validating/uploading archives.
I also tried turning off automatic signing and setting the debug and release profiles to the dev and prod provisioning profiles I made in the Apple Developer site. No luck there either.
Just to come full circle- this is the archive summary information I see when using automatic signing:
This is correct, right? The identity listed was used to sign the selected provisioning profile, so that should be all I need as far as proper signing, right? Given the other setup, of course.
I'm completely stumped at this point- how am I supposed to configure signing for archives?
This didn't end up being a signing issue after all- while I'm still a little bewildered on exactly what I need to do for signing release builds, it seems the Xcode automatic process handles it properly, given that the correct provisioning profile has been created in your Apple Developer account.
There were 2 issues here:
The Pusher utility I was using to send pushes to test devices has an option called "Should use sandbox environment" that's checked by default. Once I unchecked it, I could send pushes to devices that had downloaded TestFlight/App Store builds. I didn't realize the production push certificate could be used both ways.
At the same time, I was still having issues sending notifications from Mixpanel. It turns out that, for some reason, some of the devices I try to push to (even with Pusher) don't seem to get a notification with a certain priority level. By adding "priority": 10 to the custom data of a Mixpanel test notification, I am able to successfully send/receive them. I figured this out by playing with the dropdown in the screenshot of Pusher below:
My own device would receive pushes with any of these 3 levels selected, but other devices would only receive pushes with the "Immediately" level or "Priority: None" level selected. Why? I have no idea.

Wrong iOS provisioning profile being chosen

I have followed a tutorial to enable Push Notifications on the App. It's still in development phase and internal testing only.
Using that, I have correctly enable development push notifications on the App ID, and the development provisioning profile accordingly. So much that the first three or so bundles that I have uploaded worked correctly and the Push Notifications went just fine.
Now, with the last update I've done, I've received an Email with an issue and the Push Notifications stopped working:
"Missing Push Notification Entitlement - Your app appears to include API used to register with the Apple Push Notification service, but the app signature's entitlements do not include the "aps-environment" entitlement... etc."
What I realized since then is that when I run "archive" to build the app, after I choose the team (the only one I have and always have used), when I come to chose the Binary and Entitlements, the Provisioning Profile is a DISTRIBUTION one and not the development one I have created.
I've tried countless things from my search on the internet. Including forcing in Code Signing on my target Build Settings the iPhone Developer:MyName and the development profile I've created in the Provisioning Profile row (wich is available to select here).
Still, no-go. I have no idea what changed in the process since I didn't mess with certificates or changed anything in that field, just plain app code.
Thanks for the input.
EDIT: I'll add some screenshots that maybe can shine some light.
The XC:profile is the default distribution provisioning profile that XCode is creating.
Note : without knowing the root cause i can only help you confirm whether you have all the certificates on proper place and using correct one.
Please go this way..
Just check in your Keychain and developer.apple account, if developer certificate is valid, if yes then
Check Provisioning profiles for Development and Distribution with Notification service enable in Provisioning section on developer.apple account.
So far everything is proper then.
Go to Xcode -> Preferences -> account -> refresh all certificate for the same apple account. and hit download.
Now go to Project settings -> general -> confirm you should have selected appropriate team.
finally to to project settings -> build settings -> search "code signing"
now select correct Provisioning profile and developer here.
please let me know if you find any trouble in this.
In my case, I had changed the bundle identifier for the app, but the App ID listed on the provisioning profile was still wrong. Turns out that in the "Packaging" section under build settings, there's another place where the bundle id needs to be changed ("Product Bundle Identifier"), and that's what the code sign-y thing was looking at.
Using Local Signing assets while exporting solved the issue for me

iOS and Xcode : How to set the code signing for deployment?

I am about to submit my iOS app on iTunes connect but after hearing about multiple rejections from Apple I want to make things properly.
The only thing I am not sure about is the Code Signing part in the Build Settings of the target.
Up until now I had left the default configuration but I changed the provisioning profile to my distribution provisioning profile (that is, the provisioning profile which has the production certificate) because it seems kind of logical. But I am now wondering if I should have left the default settings. Could you tell me if what I've done is correct?
When you create an archive to submit to the store, the app will be built using the Release configuration (Top left of xCode, click on the Scheme dropdown (next to the stop button) and you choose edit scheme to see how an archive uses release)
So in Build Settings/Code Signing you will see that you can specify a different profile for Debug and Release under Code Signing Entitlements.
For debug, this to your Developer Profile, for release set this to the Distribution Profile.
If you are building the app for a development built it will use the developer profile while an archive for the store will sign with the distribution - and you won't need to keep switching back and forth.

Missing Push Notification Entitlement warning

We have created an App ID, distribution certificate and provisioning profile. Push Notifications were not initially enabled.
We now need to implement Push Notifications in the app.
We have enable Push Notifications in the App D, check the provisioning profile, the provisioning profile was invalid, updated it, and downloaded the latest provisioning profile to use it for next time.
We then integrate the APIs for Push Notifications via APNS in our code.
After uploading the app in iTunesConnect, we get the following email from Apple:
Dear developer,
We have discovered one or more issues with your recent delivery for "Swanvi". Your delivery was successful, but you may wish to correct the following issues in your next delivery:
Missing Push Notification Entitlement - Your app appears to include API used to register with the Apple Push Notification service, but the app signature's entitlements do not include the "aps-environment" entitlement. If your app uses the Apple Push Notification service, make sure your App ID is enabled for Push Notification in the Provisioning Portal, and resubmit after signing your app with a Distribution provisioning profile that includes the "aps-environment" entitlement. See "Provisioning and Development" in the Local and Push Notification Programming Guide for more information. If your app does not use the Apple Push Notification service, no action is required. You may remove the API from future submissions to stop this warning. If you use a third-party framework, you may need to contact the developer for information on removing the API.
After you’ve corrected the issues, you can use Xcode or Application Loader to upload a new binary to iTunes Connect.
We have re-checked the App ID. Push Notifications are enabled for development and production.
In the Provisioning Profile, the Push Notifications option is shown.
Why are we getting this warning via email?
You need to see 2 things: The provisioning profiles used by your account on Xcode and the ones on developer.apple
Its all about the provisioning profiles.
STEP 1:
Go to https://developer.apple.com/account/ios/certificate/ and see the Active iOS Distribution Provisioning Profiles you need for your app. Then click on it and make sure Enabled Services has Push Notification enabled. If it doesn't then click on edit and enable it by following the steps provided by Apple. If it is enabled then perfect.
STEP 2:
Delete any Invalid Provisioning Profiles you see related to app (just the invalid ones for YOUR app). I'll tell you why in the following steps.
STEP 3:
Go to Xcode -> Preference -> View Details (for your Account) -> [OPTIONAL: To be sure invalid one is gone, rt-click on any provisioning profile, select "Show in Finder", then Delete/Move all the provisioning profiles from that folder.] Now click Download All Profiles. This will replace local provisioning profiles with current ones. Click DONE.
STEP 4:
Go to your app Targets -> Build Settings -> In Code Signing, expand your Provisioning Profile to show Debug and Release tabs. By default it will be on Automatic (which is why your app was probably automatically using the invalid profile that we just deleted in step 2). For Release, to be on a safer side, select the Active Provisioning Profile with enabled Push Notifications as seen on step 1.
That's it.
You shouldn't get any emails now.
#Djeeraj V.S. is correct. Cordova added some conditional compilation to remove this requirement for apps that do not need Push notifications.
You could comment out the code in in Classes\AppDelegate.h as per this answer, but its better to add the compilation symbol DISABLE_PUSH_NOTIFICATIONS via the UI so you can continue to benefit from future Cordova upgrades.
I come from .NET background so i am familiar with conditional compilation but had to spend a bit of time working out how to get the compiler flag working in XCode.
Turns out the magic word here is 'Preprocessor Macro'. Here is how its done graphically via the UI (note that this the way its done in XCode 6.1):
Hope this helps other people out there in same situation.
In my case I've just checked again 'Capabilities' page inside project properties and pressed 'fixed issue' in the correspond APNS menu. Now it have to look like this
XCode 11. To handle press on Capability button (+)
I had the same warning and here is how I solved it.
First of all, when you archive your project, under entitlements if you don't see aps-environment and your app uses push notifications, then you will get the warning mentioned in the question.
FIX STEPS
1- Make sure your distribution profile is valid in Apple's Portal.
- If it's not, then regenerate it.
2- If your distribution profile is valid, then in XCode, navigate to Preferences and then click View Details. At this point under Provisioning Profiles, make sure you don't have invalid distribution provisioning files. If there are invalid ones, then make right click and move them to trash. If you don't have the valid one, then download it from the Portal.
3- Go to Build Settings -> Code Signing and for everything choose the distribution provisioning profile.
At this point if you archive, you can see aps-environment in your entitlements and the warning email won't come.
In my case, following practice worked.
Xcode 9.2
Disabled Automatically manage signing which appears in Build Target > Signing
Import provisioning profile manually.
I fixed that issue by below steps:
Open your project with Xcode
Click the Signing & Capabilities in Runner tab and then click the + Capability button. Type push in the filter field and press Enter.
After adding the push notifications entitlement, the Runner.entitlements file will have been created in your project
I have a cordova app, where I have had notifications previously, but wanted to remove it from the app. I tried following the above answers, but I still encountered this issue when I uploaded the build. I realized, that I had a plugin installed, who used the notification setting, and somehow kept some settings activated for notifications.
I solved the issue by removing the ios platform completely cordova platform rm ios, adding it again cordova platform add ios and making sure that the plugin was removed from the ios.json and fetch.json files.
2021 Xcode 12.4
I had the similar issue.my app uses push notification. For older release I never got such email from Apple. I think there's some issue with the Automatically manage signing.
Solution Do the Manual app signing
Disabled Automatically manage signing which appears in Signing & Capabilities
Import provisioning profile manually.

Run xcode project with distribution profile on it

I have created an iOS application, and wanted to submit it to the App Store.
I saw a tutorial on how to do that, and understood that I need to create a Distribution profile and replace it with the Development profile. So I did that but before sending it to the App Store. I want to check it last with that profile on it (the distribution profile).
Can I run Xcode project when I add a distribution profile?
because when I tried running it on a real device, an error popped up: "the provisioning profile "XXXXX" was not found".
So i went to the Devices tab and tried adding the file of the provisioning profile, and it didn't allow me to.
What should I do?
You can't use distribution profile to run the app on your device directly from your device.
Now Apple provides beta testing of apps using iTunes Connect. So you can opt for that option as an alternative.
Refer Beta Testing Your iOS App for more details
Yes, you can do by applying small tweak.
Open you Xcode project
click on your target.
choose edit scheme from list.
choose Run tab from left.
select info tab from top.
select Build Configuration and choose release from drop-down list.
Now delete your existing app, from device if exist.
And run the app from Xcode.
After completion of compiling for app, it would show some error dialog and will stop execution, ignore it.
Now app is installed on your device with distribution profile.
Re-run the app.
Cheers!

Resources