I'm looking to add a new device to a provisioning profile for an app I'm developing. My concern is that there are already a few devices outside our office running a test build that was installed using an existing version of the provisioning profile.
If I update the the provisioning profile to include the new devices, will the provisioning profile on the existing devices become invalid and stop that existing version of the app from running properly?
No, the old provisioning profile(s) will remain valid. The only way for an app to expire is if the development certificate used to sign the code/profile is revoked or expires.
Related
I have developed a couple of applications in iOS. Few days before my provisioning profile got expired. I renewed and downloaded it from apple developer portal. Now my question is how this new profile will get reflected in existing applications? Since there are many applications I won't be able to build it again with a new provisioning profile. So please let me know how to add this new profile with existing applications without a rebuild.
Thanks in advance.
The answer depends on what kind of builds you're concerned about:
App Store: expired provisioning profiles don't affect builds that have been downloaded from the App Store. You don't need to make a new build with the provisioning profile. You will, however, need to use the new provisioning profile if you update the app on the App Store.
Ad Hoc: builds will stop running if the provisioning profile used to create them has expired. You will need to make new builds and distribute them again.
Enterprise: you can update the profiles using the MDM protocol. See the "Provisioning Profiles Can Be Installed Using MDM
" section in the MDM Protocol Reference.
I am trying to understand what happens to Development apps already installed onto devices, running with invalidated 'Development provisioning Profile'
And would I be able to install a Development app signed with Invalid Development Provisioning Profile onto my registered devices.
In consideration, Provisioning profile has the right App ID, Development Certificate and Devices.
I have faced a scenario where the so called Firstly generated build was not installable when Provisioning profile was invalidated, so edited to make it valid. Perhaps secondly generated build was installable though profile was invalid again.
Confused with these scenarios to consider the right answer!
When Development profile expired/invalidated:
Already installed app won't be affected and It should be still working fine.
You can't generate new builds for devices.
If you generated the build with valid profile and invalidated that profile, you should generate build again once you made it valid.
I maintain an internal iOS app for a client who has an Apple Developer Program account (not Enterprise). They routinely give new devices access to the app by adding the UDIDs to the Devices list in their Apple Developer account and updating their Distribution provisioning profile. Then they deploy the app to the new devices through Airwatch.
When they add new devices in this way, they don't want to have to rebuild the app in Xcode with the updated profile. Instead, they believe they should be able to export the updated profile from their developer account, upload the profile to Airwatch, and push the app to the new devices, without ever generating a new IPA.
Is it possible to do this without an Enterprise Apple Developer account?
As long as you can get the new provisioning profile on the devices through MDM, you don't need to publish a new build. You just need to make sure the profile is installed on the device before they try to install the app. iOS doesn't necessarily care if the valid provisioning profile is bundled with the app when it was packaged. It just cares if a valid provisioning profile is installed on the device when an app is installed / run on the device.
I have used a similar technique with some internal apps we have, since we use a wildcard bundle ID in our profile. If the profile bundled with app A expires, it doesn't matter as long as the user has installed app B, which has a newer, still valid profile.
In my opinion, the workflow should look like this:
new device(s) received
add devices to provisioning profile on developer site
download updated profile and distribute it to all devices, including new device(s) via MDM
have users of new device install app (which should work since they now have a valid profile on their device for the bundle ID in question)
This works for profiles, however, when the certificate expires, you will need to rebuild the app(s).
I hope you can help me with this...
Situation: Regenerating a provisioning profile but still using the same developer certificates and app id:
What would happen to the app using the previous provisioning profile installed to users' device when the provisioning profile is regenerated in Apple Developer Center? Would the app still behave normally or no longer run?
If the app with the regenerated provisioning profile is being installed to a device where the app with the previous provisioning profile is already installed, would it be considered as an update or new install?
Thank you in advance!
As of questions #1, the app will work normally as long as:
The old provision profile has not yet expired.
The device UDID is included in the provision profile (relevant only
for developer certificate)
As of question #2:
As long as both apps has the same bundle ID it will be considered as
an update.
If both apps does not have the same Bundle ID, it will be considered
as a new install.
If the old app was deleted before installing the new one, it will be
considered as a new install.
If provisioning file is regenerated for same certificates i.e.., same bundle Id then it will be considered as an newly signed identity rather than an update. But if you revoke the certificates then the previous apps built with existing certificate will stop irrespective of provisioning files regenerated.The above situation applies only for Enterprise builds and not for Ad-Hoc builds.
My iOS Provisioning Profile will expire soon and I need to know the smoothest way to renew that profile. My certificate doesn't expire for another couple of years, so the certificate itself should be fine.It is an in-house (non-App Store) app and is installed on a number of devices.
Which is why I'm wondering if the app will stop working if I do the following:
Let the provisioning profile expire.
Click generate inside the existing profile.
If so, is there any way to update/renew the profile without taking down the app or releasing a new version? If I have to release a new version, is the best option to create a new profile to reduce downtime?
So generating a new provisioning profile will not invalidate any of the apps out there on devices. Basically, you should choose option 2. Generate the new provisioning profile, build a new version of the app with the new provisioning profile, and just make sure all your users / testers update to the new version of the app.
Alternatively, you could generate the provisioning profile and then distribute the profile to all the devices through MDM (if you're using an MDM solution) or by email (not a great experience). Basically the app will continue to run as long as the new provisioning profile gets on the device before the old one expires, whether that's through MDM, manually, or by installing a new version of the app with the provisioning profile in the .app payload. Or if your users download any app with the new provisioning profile, assuming that provisioning profile is set up with a wildcard app ID, that will also correct it (see information about that here: https://stackoverflow.com/a/29121777/3708242).
But option 1 will certainly result in your app refusing to launch once the expiration date arrives.