Xcode 6.1.1
We are trying to sign our app for distribution (or even just to test on physical device). We have a referenced framework in our project. We were under the impression that we should only sign our app itself (and we have all code signing identities, provisioning profiles, etc. set up), but we should not sign this external framework, since we didn't write it. It should be getting its code signing credentials from the parent project.
However every time we try to run on physical device, this referenced framework throws a build error: "CodeSign error: code signing is required for product type 'Framework' in SDK 'iOS 8.1'".
Does this mean we actually have to code sign this?
Specifically, the framework we're trying to use is Alamofire.
I think it depends on where those frameworks come from:
If they're yours (i.e. internal library you're bundling with your project), you need to sign them.
If they come from an open source project that you're building from source (i.e. a pod from Cocoapods) you'll have to sign them.
If they come from a 3rd-party developer they should already be signed.
There's a a step called "Embed Frameworks" under "Build Phases" of the target where you can specify which framework to embed in your bundle and what to code sign:
It doesn't matter if they already have a signature: yours will replace whatever was there.
You can always check the certificate status of a framework with the codesign command line tool:
xcrun codesign --verify --verbose [MYFramework.framework/MYFramework]
and print the singing entity with:
xcrun codesign --display --verbose [MYFramework.framework/MYFramework]
Related
Building an Ionic app to try and test on my iPhone. I downloaded XCode last night and went in and created a profile with my Apple ID, as well as changing the bundle identified in the "General" and "Signing & Capabilities" tab. However when I run "ionic cordova build ios --prod" I get the error:
error: No profiles for 'io.ionic.starter' were found: Xcode couldn't find any iOS App Development provisioning profiles matching 'io.ionic.starter'. Automatic signing is disabled and unable to generate a profile. To enable automatic signing, pass -allowProvisioningUpdates to xcodebuild. (in target 'MyApp' from project 'MyApp')
** ARCHIVE FAILED **
xcodebuild: Command failed with exit code 65
[ERROR] An error occurred while running subprocess cordova.
cordova build ios exited with exit code 65.
Re-running this command with the --verbose flag may provide more information.
It seems to me as though I have done the necessary code signing procedures that I read from Ionic's website, so I am unsure why it still isn't working.
To run the app in your iPhone there are several steps, check these:
You have created your app ID in the website.
You have created your provisioning profile in the website, and downloaded to your computer and added to your Mac (web -> download profile -> double-click)
You have created a development certificate (search how to create a certificate using a Certificate Signing Request generated in your Mac ) and then downloaded that certificate and added to your Mac.
There are two certificates. Distribution certificate is used to publish the app, but development certificate is used simply to run the project in your iPhone, you need that.
But honestly, it's all much easier if you use XCode instead of the console. In the console run the command without --prod, to apply ionic changes to the iOS project. Then if you want to run the app, it's easier if you open XCode and just click play.
With XCode there's the option "Automatically manage signing" that will handle most of this for you automatically. You just have to login to your account using XCode (it will prompt you) and let it do it for you.
I'm working on a cocoa pod framework which has a couple of shell scripts in it. After installing the pod, the user should add the following in app's build phase -> run script :
“${PODS_ROOT}/MyPod/MyPod/framework/MyPod.framework/scripts/build.sh”
After this the build works fine and app runs. But archiving creates problems. XCode gives an error saying:
iTunes Store Operation Failed
Invalid Signature. Code object is not signed at all. The file at path [SampleApp.app/Frameworks/MyPod.framework/scripts/build.sh] is not properly signed. Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose "Clean All" in Xcode, delete the "build" directory in the Finder, and rebuild your release target. For more information, please consult https://developer.apple.com/library/ios/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html
I've two concerns now:
Xcode doens't allow scripts to be a part of archive?
If thats the case, then how do I remove these scripts from archive? Is there a build setting like ${ARCHIVE_DIR} from where I can search for the latest archive and then remove the script. Or, is there some build setting where I can mention what files to ignore while building or archiving?
Also, I've already tried adding these files to 'exclude source file names' to the app's build settings. It didn't work since the script to be executed isn't a part of the app, but part of the framework integrated in app.
Also, my framework is a fat framework generated by using lipo on simulator build and device build. Which means that framework won't be code signed.
Apple does not allow simulation code inside framework when push to store, to overcome this, either ship the framework without simulator arch, or use external script to remove it during app build.
Example script can be found in some framework like Realm, basically you have to add the script file in your framework, and tell user/dev to call this on their build script (it's the strip-frameworks.sh)
This issue is stated in this archiving universal framework bug
I have a rather typical iOS 8 iOS/ObjC/Xcode 6.4 application, which includes a WatchKit extension. I have no trouble manually submitting to the App Store using Xcode using the Archive menu option.
We use a build server (Bamboo but it shouldn't matter). The build server currently automates builds and distributions through HockeyApp, but we manually build and upload to iTunes Connect using Xcode. We would like to automate the builds for the iTunes Connect, so we're certain same codebase is used for both HockeyApp and iTunes Connect (both TestFlight and App Store).
I'm having a heck of a time getting the script working for iTunes Connect, due (I believe) to the three targets that need signing (iOS app, WatchKit Extension, and Watch App).
I found this answer to a related question, which has been very helpful: https://stackoverflow.com/a/29605731. That suggests putting variables into the Provisioning Profile settings for the three targets. This works for building. But that question doesn't involve uploading to iTunes Connect, which is where I'm seeing trouble.
So my script looks like this:
APP_PROFILE="[the hex string]"
WATCHKITEXT_PROFILE="[another hex string]"
WATCHAPP_PROFILE="[one more hex string]"
First I make the xcarchive:
xcodebuild archive -project myProject.xcodeproj -scheme "myScheme" -archivePath myProject.xcarchive APP_PROFILE="${APP_PROFILE}" WATCHKITEXT_PROFILE="${WATCHKITEXT_PROFILE}" WATCHAPP_PROFILE="${WATCHAPP_PROFILE}"
which works fine. Then I export the archive to an .ipa:
xcodebuild -exportArchive -archivePath "myProject.xcarchive" -exportPath "myPath" -exportFormat ipa APP_PROFILE="${APP_PROFILE}" WATCHKITEXT_PROFILE="${WATCHKITEXT_PROFILE}" WATCHAPP_PROFILE="${WATCHAPP_PROFILE}"
which also reports success. Then I need to send the .ipa to iTunes Connect using the Application Loader's command-line tool (here I'm just verifying):
altool --validate-app -f "myProject.ipa" -u myUsername -p myPassword
which spits back this set of error messages:
*** Error: Unable to validate archive 'myProject.ipa': (
"Error Domain=ITunesConnectionOperationErrorDomain Code=1091 \"Invalid Signature. A sealed resource is missing or invalid. Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose \"Clean All\" in Xcode, delete the \"build\" directory in the Finder, and rebuild your release target. For more information, please consult https://developer.apple.com/library/ios/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html\" UserInfo=0x7fec4be78b80 {NSLocalizedRecoverySuggestion=Invalid Signature. A sealed resource is missing or invalid. Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose \"Clean All\" in Xcode, delete the \"build\" directory in the Finder, and rebuild your release target. For more information, please consult https://developer.apple.com/library/ios/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html, NSLocalizedDescription=Invalid Signature. A sealed resource is missing or invalid. Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose \"Clean All\" in Xcode, delete the \"build\" directory in the Finder, and rebuild your release target. For more information, please consult https://developer.apple.com/library/ios/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html, NSLocalizedFailureReason=iTunes Store operation failed.}"
I get the same error if I use the Application Uploader GUI.
I'm confident I'm using the correct profiles in the script, as when I export an archive in Xcode these are the three Xcode selects (that export will validate/submit fine).
I'm at a loss where to look next. Any and all help is appreciated - thanks!
I'm practicing with this new programming framework called NativeScript, which allows creating native apps using JS. However, when I started working on the Hello World tutorial, I got this error:
https://gist.github.com/longpham91/d603c8fe7f6c6b06e86f
The error occurred when I tried running command "tns run ios" on Terminal, which basically allowed NativeScript to run HelloWorld app on my phone.
I also looked at the error log, and it seemed that the error might have something to do with my Xcode device settings, as explained here:
Check dependencies Code Sign error: No code signing identities found:
No valid signing identities (i.e. certificate and private key pair)
matching the team ID “(null)” were found. CodeSign error: code signing
is required for product type 'Application' in SDK 'iOS 8.4'
I'm not sure what this means, though.
I was able to figure this out after posting a thread on {N} Google group. Here's how:
Generate the Certificate and Provisioning Profile, following this tutorial: http://seventhsoulmountain.blogspot.no/2013/09/ios-code-sign-in-complete-walkthrough.html
Go into the iOS section of your {N} project (under platforms/ios), and run the .xcodeproject file. You can also make a copy of this folder, to be sure that you don't accidentally change something in the source code.
When the Xcode project is opened, go to Xcode > Preferences > Accounts, and click on View Details.
Add the Provisioning Profile by clicking the + button.
That's all. Took me a while to figure this out since I'm not all that familiar with Xcode, but your project should run on your iOS device now.
Not sure, but I think the PATH variable "android / tools and android / platform-tools /" do not exist. You can use the android command in your shell?
I am trying to upload an app to Testflight using XCode 6.3. However, on trying to validate the app, it is giving me the error message below:
I have tried regenerating the certificates and provisioning profiles without having any success.
ERROR: ERROR ITMS-90035: "Invalid Signature. Code object is not signed
at all. The binary at path [VirtualMechanic.app/dsym_upload.sh]
contains an invalid signature. Make sure you have signed your
application with a distribution certificate, not an ad hoc certificate
or a development certificate. Verify that the code signing settings in
Xcode are correct at the target level (which override any values at
the project level). Additionally, make sure the bundle you are
uploading was built using a Release target in Xcode, not a Simulator
target. If you are certain your code signing settings are correct,
choose "Clean All" in Xcode, delete the "build" directory in the
Finder, and rebuild your release target. For more information, please
consult
https://developer.apple.com/library/ios/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html"
That dsym_upload.sh script does not belong in the app bundle as it's the script that is run as part of a Build Phase that is used to upload the debug symbols to Crittercism.
Find the Build Phase that is copying it into the app bundle and remove it, however please note that it will still need to be run within a Build Phase.
Here's the official Crittercism Support Article related to the issue which recommends upgrading the pod to version 5.2.0.