When signed with a certificate which is not included in the provisioning profile, still app is able to install successfully on device,how ?
I have two wild card signing Identities
A
B
I created provisioning profile with Signing identity A
Now from command line i resigned it with B using the same provisioning profile.
App getting installed successfully, how ?
You need to understand that in order to run an app on an iOS device, you just need a valid provisioning profile.
You have two wildcard provisioning profiles, so technically both could work. However, you state that your provisioning profile was created with Signing identity A. First, confirm that your provisioning profile has only the Cert for identity A selected. Technically, a provisioning profile can be valid with multiple certificates.
If you confirm that your profile is not associated with the cert for signing identity, meaning the profile should not be valid if you signed the app with identity B, the other likely reason is that you already installed the app (or some other app) using the profile and signing identity A. If that is the case, there is a valid provisioning profile on the device that says your app should be allowed to run. I posted some more details about scenarios where the provisioning profile packaged with the app may be invalid / expired / etc. but the app will still run on the device in this post.
If you are expecting to use the code signing / provisioning profile to keep an app from successful install, you should have a dedicated, explicit bundle Id in your provisioning profile, along with a certificate specifically for that app ID. Then you can expire the profile and revoke the cert when you need to prevent the app from running on devices.
Edit: To check if this is due to an existing provisioning profiles, open Xcode, go to Window->Devices Right click on the device in question and select "Provisioning Profiles", like this:
If you want to try it out, you can remove all the provisioning profiles from the device and try to re-install. If you really only have a provisioning profile that is configured to accept the signing identity A, and you sign the binary with signing identity B, it should not work.
Related
I used A's signing certificate to distribute the app before.Then changed it to B's signing certificate
It was successfully archived. I was stuck at last step which showed "Provisioning profile doesn't include signing certificate"
I can't delete all certificates cause there are other people use mac
Tried following solutions which are not working
In accounts and downloaded manual profiles
delete B's certificate in key access
Do anyone know
how to solve it? or how to update the signing certificate in Provisioning profile?
Thank you so much
I am having a problem with distributing an app using Fabric. I don't understand what is happening.
On Xcode General tab:
- The name of the team is correct "My Company Name"
- The provisioning profile is correct, it matches the correct bundle ID
I am able to distribute it with Fabric without a problem with this provisioning profile and bundle id
However when I login to my company's Apple Dev account( I am a member) the provisioning profile is not there so I can't add the UDID of a new user. I can see all the other provisioning profiles for my company.
This app is for a client of my company. It's possible that the app is under their account I guess but it doesn't make sense to me as in Xcode the provisioning profile shows that it is signed by my company.
If I go to Xcode -> Preferences -> Account I actually see an account for the client. I guess that means that I had their credentials at some point(I have no recollection of that) but again... the current provisioning profile is signed with my company's name, not the client's. And if I use the client's account on Xcode it asks me to change the bundle id because it's already taken.
I am confused. What could be happening?
The problem was that the app was using a Xcode Managed Profile, that's why the Provisioning profile wasn't listed in the Apple Dev Portal.
The solution is to add the udid's to the Apple Dev Portal and re-download all the Provisioning Profiles.
By mistake I removed the existing developer provisioning profile. So I am trying to create a new developer provisioning profile but each time it is showing ineligible.
Role of my user in the team is agent. App id, adhoc, and distribution provisioning profiles are created under that team with my ID which is working fine. I downloaded all developer and distribution certificates also. But in my keychain I found private key missing for the developer certificate but present for distribution certificate.
At the time of creation of the developer provisioning profile I am selecting all the available signing certificate and all the device ids. In my Xcode project when I am trying to select the developer provisioning profile, which is showing ineligible, I am getting the error message:
"Provisioning profile 'dev_provisioning_profile' doesn't include signing certificate 'iPhone Developer:'. No certificate matching 'iPhone Developer: ' for team 'team_name'.
What should I do to create valid developer provisioning profile?
Finally solved the issue. Just writing the steps. Not so sure that these are the exact steps but worked for me, may be helpful to others-
Delete the developer certificate that does not have a private key.
Then first check then uncheck the Automatically manage signing option in the project settings with selecting team.
Select provisioning profile in the project settings.
Delete the provisioning profile from machine.
Sign in developer account and edit the provisioning profile selecting all available developer certificates
Download the provisioning profile and add to XCODE.
By following these steps the provisioning profile becomes eligible and working fine.
You should delete the developer certificate that does not have a private key especially if there are multiple instances with the same identity. Also an easy way to solve this may be to uncheck then check the Automatically manage signing option in the project settings.
When i try to archive me app in Xcode, it gives me an error that i don't have a provisioning profile. how do i get one. i have an IOS Development account.
I tried to upload a distribution certificate, but it did not work. why?
The Error says...
XCode attempted to locate or generate matching signing assets and failed to do so because of the following issues.
you account already had a valid IOS Distribution certificate
visit member center or import developer profile.
There are certificates and there are profiles, they are two different things. It sounds like you have a distribution certificate. Go to the developer portal, and then go the the identities, certificates, and profiles.
Profiles will be at the bottom. You need a distribution profile for your app id. Distribution profiles are then signed by distribution certificates. It is pretty straightforward. Once you create the profile, download it and double click it to add it to your library.
We have an app that we have distributed to employees using an ad hoc provisioning profile.
We now have a business requirement to delete the provisioning profile from the provisioning portal (though it will stay on the devices).
I am under the impression that when using ad hoc distribution, there is a periodic check done with Apple's servers (although I believe that this is checking the validity of the profile stored on the device against the certificate stored on the server, and shouldn't be affected by any changes on the provisioning profile unless the certificate is revoked, right?).
My question is:-
Will deleting the ad hoc provisioning profile from our Provisioning Portal cause the app to stop running on the employees' devices?
As far as I know, this is not happening. The profile is only checked on install, there is no way to "revoke" a profile like with certificates. So the app will still work and can be installed using the old profile file.