I have a paid application in the App Store . Recently i got an email saying that my distribution certificate is expiring and needs to be renewed.
The Email was :
This certificate will no longer be valid in 30 days. To create a new certificate, visitCertificates, Identifiers & Profiles in Member Center.
My question is, after i renew it either by waiting the whole 30 days and then renewing it or by revoking it and requesting a new one, can i issue updates to the already present applications once i renew it? and how?
Sure - either option is fine - either let it expire or renew now. You won't be able to submit any updates with an expired cert, but once renewed you are good to go. No problem updating already existing apps with the new certificate.
It is possible to create new distribution (and also development) certificate directly in Xcode.
Choose Xcode > Preferences.
Click Accounts at the top of the window.
Select the team you want update, and click Manage Certificates...
Press the + button and choose iOS Distribution
Related
I got this mail from Apple.
Your iOS Distribution Certificate will no longer be valid in 30 days. To generate a new certificate, sign in and visit Certificates, Identifiers & Profiles.
I get some information from StackOverFlow but I want to know what I need to do if I modify my existing app. Will I able to update in future the same app with new certificate and new profile. Is that I need to revoke and generate the new certificate. Thanks for your help and comments.
As per new updates, you don't need to renew the certificate as a separate action. The renewal is based on the expiration of the Apple developer account. By taking the action of renewing your membership, this will automatically renew your certificates.
It is just a reminder of the certificate that is going to be expired very soon in future.
I want to know what I need to do if I modify my existing app. Will I able to update in future the same app with new certificate and new profile.
Yes, You can always able to create new certificates (Some has limitation to create) and use these certificate to generate new mobile provisioning profile or regenerate mobile provisioning profile using the new certificates.
Using old certificate (Expired) you can not able to run build on device and not able to publish app on App Store.
The new certificate will not affect on your app. In simple words, certificates are being used to run app on device, publish app on App Store, push notification, etc.
Context: A provisioning profile(PP) is nearly expired. The distribution certificate linked to it, will not expire for the next 2 years. The corresponding app is distributed over a MDM. All i read about renewing a PP is also including renewing the distribution certificate. But i just want to extend the PP with as little effort as possible.
Approaches: Either i would just press the "Generate" (on apple developer site while editing the PP) without changing anything or i would create a new one besides this one with same settings.
Questions: Which approach do you recommend? Is there a way, that i don't have to reinstall the app? What happens if i update this PP? Will the app run until the old PP is expired and then i have to install the new app with new PP?
I'd appreciate your input.
Yes, if the certificate is still good for a while, the best approach is to simply generate a new provisioning profile. Your existing deployments of the app will not be affected (as long as you don't revoke the certificate) because the existing profile is technically still valid until it expires.
Then, before the old profile expires, you have two options.
You can re-build the app with the new provisioning profile and push to the devices with your MDM solution. This will install the app AND the new provisioning profile on the devices. The app doesn't need to have changed - you are just using it to carry the payload of the new provisioning profile. The app will then work until the new provisioning profile expires (and you'll repeat this process next year).
If your MDM solution offers the ability to push the provisioning profile to your devices directly, take your new provisioning profile and deploy it to all the devices with the app. Once you have done this, the app will continue to run after the original, embedded provisioning profile has expired, because all iOS cares about is if there is a valid provisioning profile for the app ID on the device. No need to re-build the app, so this is preferable if there is no other reason to update the app.
Note that when your certificate expires, however, you will need to rebuild (or at least re-sign) the apps and redeploy them to the devices, so there will be no easy fix of just pushing a new provisioning profile when that happens. Plan ahead and give yourself enough time before the cert expires to make sure all necessary apps are re-built and redeployed.
I accidentally pressed the reset button on 'IOS Distribution' within IOS Developer account. This in turn made a hand-full of provisioning profiles invalid.
From what I have read here: https://developer.apple.com/support/certificates/
apps are still intact I will no longer be able to submit new apps or updates to the App Store.
Just want to verify if this is correct in my case and apps will not go down??
Thanks
Yes , the current apps will have no effect of the certificate being revoked.
Happened with me many times .
similar question threads here
Will revoking Distribution certificate affect application which is In Review (on apple store) for Iphone?
If I revoke an existing distribution certificate, will it mess up anything with existing apps?
If you are revoked .cer then you can generate it again and that does not effect on your live application.
In the developer Member Center there is your generated application ID that you generate for each application. You must take care about that Application id is not removed else you need to generate it as a new because its a unique and in this case you need add new app app and you can not update the current application that live.
What kind of steps you need to do if .CER revoked or expire:
If .cer revoked then just click on add new and select your CSR(Certificate Signing Request)
Now you have new cer then you need to just update your provisional profile and download it and use it thats it
I have an app in appstore, whose certificate is about to expire in 20 days. So i created new distribution certificate & new provisioning profile(used same previous appid) > then recreated build & submitted to Appstore. My queries in here is;
Is above process is the proper way of doing it.
1) I haven't revoked old certificate, it's still in account. Do I need to do anything to it or just leave it alone?
2) what if users didn't update my latest build (with new certificate) from appstore & instead try to stay with old build that got certificate about to expire shortly? In such cases, what'll happen to app, once cert is expired?
Thanks in advance.
There was no reason at all to submit a new build to the App Store - at least due to the certificate. An expired certificate only affects your ability to use provisioning profiles. Existing apps are not affected at all.
Users that don't update will not be affected.
Feel free to delete any old certificates. Use the new one to create new provisioning profiles.
While working on a new version of one of my apps Xcode told me today, that it cannot run the project any more because the development profile has expired.
The organizer shows for all development profiles "Valid signing identity not found" and for all distribution profiles "Profile has expired".
Of course it is not a suprise that profiles expire. In the past all I had to do was a click on "Renew" but this does not work any more. After entering user name and password for my Account Xcode shows the error message "No value was provided for the parameter 'certificateIds'"...
What can I do?
Instead of using the Organizer the directly visited the Provisioning Center webpage. There are two entries within the section "iOS Apps/Certificates/All":
1. "My Name iOS Development Expires: Mar, 17 2012"
2. "My Name Development Expires: Mar, 19 2013"
A click on one of the certificates show option to "Revoke" or "Download" certificate. There is also a "+ Button" to create a new Certificate but the option "iOS App Development Sign development versions of your iOS app." is deactivated.
In the section "Provision Profiles" all development profiles are marked as "Active" and all distribution profile as "Expired". Only "Edit" and "Delete" options are available while a "Renew" option is missing. The "Edit" option shows the profile details and "Generate" button. I would assume that "Generate" creates a new version, but after pressing the button only a progress indicator is shown which comes to no result. After I reload the page the status is unchanged.
So, there are no options to renew the existing certificates and profiles (are there?). Thus I have to create new certificates but - as described - this option is grayed out. I Assume that I have to delete / revoke the existing certificates first. A click on "Revoke" shows a very explicit warning: "Revoking this certificate will invalidate it and any related services or provisioning profiles that use this certificate may be affected."
I am afraid that revoking the certificate might effect my existing app in the App Store - that the app might be removed from sale because the certificate they are based on was deleted.
Of course this is a scenario I would like to avoid. Does anyone know for sure what happens when using the Revoke option for an existing certificate. Does this even effect App Store apps?
Thank you very much!
For App Store apps, you don't need to worry. The signing information on app store binaries is only used for the initial validation to ensure it came from you. Once it has been uploaded the binary will be transformed and resigned with Apple's private key, encrypted with Fairplay, etc.
This means revoking your distribution certification will not affect live apps. You only need to worry if you have an enterprise account.
No, revoking certificates does not affect apps already on sale. For that matter it won't even affect apps submitted for review. (We had renew a certificate while an update was in review. No problems at all)