Validation/Submission error: Application failed codesign verification - ios

I have a number of apps that are almost identical (with the exception of a few constants, images, and a sqllite database file). I've never had any issues submitting them before, however today one of the updates gave the following error when validating/submitting (note: I have updated this app in the past with no issues):
Application failed codesign verification. The signature was invalid, or it was not signed with an iPhone Distribution Certificate.
I've spent all day trying everything to get this to work. I even diff'd the entire project folder against another app (which submitted successfully, today), and all build/signing settings are exactly the same (except bundle identifier, version number, etc.). I've even (as a last resort!) revoked the certificate and re-generated everything, including provisioning profiles.
I've been through all of the steps listed here:
https://developer.apple.com/legacy/library/technotes/tn2250/_index.html#//apple_ref/doc/uid/DTS40009933
However, if I "Share" the app from the Organizer and save to disk, running codesign -dvvv says it's not signed at all (however, this happens with the ones that worked!). Not sure how else to run this, as the file generated (and shown in Organizer) is not a .app file.
I'm at a total loss how to figure out what's wrong with this, or why it's any different to the others. I don't seem to be able to get any more information out of the Organizer. The app was built exactly the same way as the others, and the project files etc. are identical (except for expected differences like images/names).

Ok, fixed this... I wish I'd tried this sooner, as it would've saved me many hours today!
It seems that the App Store provisioning file for this app was somehow corrupt - not on my Mac, but on Apples servers.. I downloaded it many times today, with no luck. I just discovered that selecting the Ad-Hoc profile during Validation worked, which led me to believe it was specific to the App Store one. So I deleted the App Store provisioning file from the iOS dev dashboard, then recreated it, downloaded it, and it worked!
Before I deleted it, I edited it, and everything was set correctly, and the expiration date was 6 months from now, so I can only assume something was broken Apple's side (even though I'm sure this same file worked in the past!) :-(

I also have the same problem.
All my provisioning Profiles, Certificates, Bundle Identifier every thing was perfect.
Except My Apps Executable file Name in Info.Plist and Product Name in Target Build Settings was slightly different.
And just because of that codesign_wrapper was not able locate Provisioning.
I spend nearly one day to figure this out.
So Please do one check
App Product Name is have to be same with your Executable file in Info.Plist.

I have a very similar problem, but in my case my distribution profiles keep disappearing from my system. So when an application specific distribution profile disappear Xcode picks up another one (wildcard, iPhone developer, etc.) which is not correct. Everything looks fine except I get this error.
My solution was that I downloaded all of my code signing profiles from Apple. I saved them in a directory and whenever one "disappears" I just have to double click the correct profile to add it to Xcode and update "release" entry in Code Signing Identity in plist.

Related

iOS app upload to iTunes Connect results in Invalid Signature issue

I'm working on a hybrid mobile app project (Ionic framework) and releasing to Android, iOS and web. This issue concerns only releasing the application on iOS.
I ran into an issue whereby I suddenly started getting the following email from iTunes Connect after building, archiving and uploading my iOS app to App Store from Xcode.
App Store Connect: Your app "YourAppName" (Apple ID: XXXXXXXXXX) has
one or more issues
Dear Developer,
We identified one or more issues with a recent delivery for your app,
"YourAppName". Please correct the following issues, then upload again.
Invalid Signature - A sealed resource is missing or invalid. The file
at path [YourAppName.app/YourAppName] is not properly signed. Make sure you
have signed your application with a distribution certificate, not an
ad hoc certificate or a development certificate. Verify that the code
signing settings in Xcode are correct at the target level (which
override any values at the project level). Additionally, make sure the
bundle you are uploading was built using a Release target in Xcode,
not a Simulator target. If you are certain your code signing settings
are correct, choose "Clean All" in Xcode, delete the "build" directory
in the Finder, and rebuild your release target. For more information,
please consult
https://developer.apple.com/library/ios/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html
Best regards,
The App Store Team
I tried everything I could find on the internet regarding this issue:
Checking over my certificates, provisioning profiles, recreating them, updating Xcode, building the project again, made sure I'm using a distribution certificate not an ad-hoc certificate, verified the code signing settings in Xcode were correct, verified the bundle was built using the Release target, tried the "Clean All" option, deleted the "build" directory in the finder and rebuilt the release. In short - I tried everything I could find by Apple regarding this issue, also looked up the same issue in StackOverflow and tried a huge variety of the recommended solutions. I tried all of those options multiple times over to make sure I didn't miss anything.
Nothing worked...
Also a note that I was able to upload to App Store without any problems before. There hasn't been any changes to the project which could result in this Invalid Signature issue arising - no certificates have expired, no new ones have been created, no new provisioning profiles have been created. The same profiles and certificates were used which worked just fine some time ago. iTunes Connect just suddenly started responding with this issue.
What else can I try?
I was sceptical at first when I tried this solution but this actually solved my issue.
Find a spare USB stick or an external hard drive.
If your Mac's filesystem is APFS format the external volume using a HPFS Mac OS Extended (Journaled) file system. Move your project over to the freshly formatted HPFS external volume and rebuild it over there. This is important as if you build it on your Mac's APFS volume and then move it over to your HPFS external volume to archive and upload in Xcode this will not work!
The project needs to be built, signed, archived and uploaded ON the HPFS volume.
The uploading to App Store should now work again. It worked for me, hope it works for you as well.
See more information on the solution here

Appcelerator - CodeSign issue since adding new UDIDs to provisioning profile

I recently added some new UDIDs to my AdHoc Distribution Provisioning profile. I then downloaded the updated certificate and since then I have been able to publish my iPhone app as I keep getting a 'Codesign' issue.
I've tried everything seen in many other posts on this forum including deleting and recreating my developer and production certificates and deleting and recreating my provisioning certificates (Both Developer and Ad Hoc Distribution).
I now can't even 'run' the app to my iPhone attached to the computer (which wasn't one of the new UDIDs - deployment to this phone has always worked).
I'm at a loss where to turn as
Apple tells me my Provisioning Profiles are 'Active'
Xcode shows the correct Provisioning profiles
My Key Chain tells me I have two valid certificates (one iPhone developer, one iPhone Distribution).
Appcelerator gives me all the ticks when I am choosing which profiles to use in the build
I have been 'cleaning' my app and restarting Appcelerator like crazy but with no luck
I really need to get this app over to the client, but have no idea what is 'wrong' as everything matches up. Is it possible Xcode has cached old certificates? Has something got corrupted?
I have been through this issue in past month, the problem was exactly same as yours, everything was showing correctly.
But from your Keychain screenshot, I think there is no private key (this was my case also) attached with your certificates which is the issue of CodeSign.
If you even install the .cert file, it will still show it as a valid certificate, but you might not be able to sign your code due to missing private key.
So, make sure you get the private key added along with the certificate in your keychain. If it does not works for you then you should create new certificates from same machine you will distribute the app as it will save a lot your headaches :)
As is often the case - this was a very simple issue wrapped up as a complex one.
When creating a build (both under 'Run' and 'Package'), you can select which KeyChain to use. Somehow this dropdown had changed from 'System Defaults' to another one... changing this Select KeyChain drop down back to System Defaults was all I had to do!
Thanks to #prashant-saini for getting me thinking about keys and keychains!

App Submission: Invalid Binary - Invalid Signature

I am trying to submit an update to the iOS app store. I am going from a Buzztouch app to a Sprite Kit app. I am able to archive the Xcode project and submit it. The app gets to the status of Upload Received but than about a minute later, it changes to Invalid Binary and I get an email saying:
Invalid Signature - Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose "Clean All" in Xcode, delete the "build" directory in the Finder, and rebuild your release target.
Once these issues have been corrected, go to the Version Details page and click "Ready to Upload Binary." Continue through the submission process until the app status is "Waiting for Upload." You can then deliver the corrected binary.
I have cleaned out the build directory, rebuilt my release target, and made new provisioning profiles multiple times. All of the Code Signing Identities are set to iOS Developer. Code signing and the provisioning profiles have always been a little bit confusing to me, I could have made some obvious mistakes.
I have tried submitting over 50 times! I find this very frustrating because I have emailed Apple and they got back to me but it was just a link to the dev center with code signing information. I have also spent lots of time searching the Internet to find a solution to this and there hasn’t been a good solution that actually works for this problem.
The only thing I can think of is either because I am changing from a Buzztouch app or it is Sprite Kit.
Here is a screenshot of my code signing:
In Apple developer support there are two additional common causes of the Invalid Signature binary rejection reason,
executable files containing special characters (i.e. non-numeric, and non-alpha). To resolve this issue, change the Xcode target’s Product Name build setting from “${TARGET_NAME} to a string containing only alpha/numeric characters. Let me know if this was the cause of the issue (and the problematic characters) because I file bug reports to fix each instance I find here.
Apple Double Files ("double files") that result from copying the Xcode project uncompressed to/from a non HFS+ formatted hard drive. To check if this caused your rejection: 
A. Run the app diagnostic here: How do I check if my application's signature has been corrupted?
B. Then check the command line output with: List of Signature Verification Failure Root Causes. Double files are diagnosed with a message like:  
resource missing: my.app/._.*
C. From the docs:
The file prefixed with "._" is considered an AppleDouble file and it
can result from copying the uncompressed Xcode project folder onto a
non-HFS+ formatted disk. The AppleDouble files must be removed using
the 'dot_clean' command. The Xcode project folder is the argument to
dot_clean as illustrated below. Note: You can drag your Xcode project
folder from Finder into the Terminal window to automatically fill its
path into the command.
dot_clean /path/to/My_Xcode_Project
(If Terminal can't find the dot_clean utility, download the optional Command Line Tools through Xcode > Preferences > Downloads)
D. After running dot_clean on your Xcode project, create a new app archive (via Xcode > Product > Archive), reattempt submission.
To prevent double files be sure to compress the Xcode project folder to .zip using Finder before transferring it to/from a non HFS+ formatted hard drive. 
This is what I did when I encountered a similar problem with the Mac App Store:
Re-generate the app's Distribution and Development certificates (from the Apple Developer's Certificates site).
Download both certificates and drag them to Xcode's icon (not sure whether it had any impact, but after so many submission failures, I was pretty superstitious).
Re-fresh the certificates and identities from Xcode.
Open Xcode's Preferences.
Go to Accounts tab.
Clicked my account
Clicked the refresh button.
Generate the archive.
Submit the app and clicked on "refresh signing identities" somewhere mid-way in wizard prompts.
As a reference, here is my built settings related to signing. That one worked the last time I submitted the app (which has been in the "waiting for review" state for the past two days now, so I guess it passed all of their automated tests).
Your issue relate with signing failed because of your app didn't sign with recent distribution certificate. Check the following steps:
1) Check your bundle identifier to list out provisioning profile as like below picture. Because It also lead to this problem.
2)You may not using the correct certificates when building your app. Just Delete your certificates in Provisioning Portal and create new ones and update them in Xcode.
3) From your picture, you didn't selected correct provisioning profile. Goto Organizer / Provisioning Profiles / Refresh and allow Xcode to fetch the latest ones. see screen shot to how to do that.
Select correct Provisioning profile.
Select correct code sign.
4) Cleaned up your project.
5) Just clean all your targets . You can even go to /Users/%USERNAME%/Library/Developer/Xcode/DerivedData and delete all of the directories in there.
see this ref
Under "Code Signing Identity" Make sure you have selected your Distribution Cert for the "Release" scheme
Under "Provisioning Profile" make sure you select a Distribution provisioning profile (not an Ad Hoc one)
Archive and distribute, make sure the same cert is selected when submitting (after entering your iTunesConnect info)
After doing all of the above
Menu Bar
try Product->Archive
Then from the organise try resigning and submitting.
Window->Organiser
Select archive and then press distribute (but i'm pretty sure you'll know how that works)
Obviously if you can't do this then chances are you have indeed got something wrong with your signing certificates, more specifically your bundle identifier is likely to be the culprit.
One other option is your app uses services that you haven't set up on developer.apple.com/ios for the app id such as game centre, push notification etc. Good luck
check your launch images . Are they conflicting like 2 images have got same name. Because i have got the similar issue which i solved like this within 10 minutes.
To figure out this problem I just created a new Xcode project and copied and pasted everything into the new project.
In my case the problem was to not ASCII chars in filename (someone did sent us to embed), solution was to do a global search in project:
ls -1 -R -i | grep -a "[^A-Za-z0-9_.':# /-]"
And delete those chars from filenames.

Receiving Installation Error: ApplicationVerificationFailed in Flash Builder for iOS

This is the error I'm getting when I try to install my app on my iPhone.
More details:
It did work at one point. I used a different computer recently, working on a different project and had to create a new certificate. This invalidated my other projects (profiles). I went back to working on the first computer and uploaded the certificate from that one. I recreated the app profiles and downloaded the provisioning files based on that previous certificate. None of that worked. In the end I had to start over from scratch as shown in the answer below.
I finally got it to work by starting over from scratch. I think the problem was that when I went to a new computer and uploaded a new certificate I had to revoke the old certificate. It seems that once it's revoked that maybe it can't be used again.
So I recreated my signing certificate, recreated a p12 file from it, recreated (modified) the app profile (making sure to select my certificate again and selected all of my devices again), redownloaded the mobile provisioning file, reselected these in the iOS configuration screen and restarted Flash Builder and it worked again.
I had tried to use a wildcard, "com.myactualdomainhere.*" and I couldn't get that to work but I didn't do all the steps above (I didn't recreate my signing certificate) and if you can't reuse a certificate then that may have been the issue.
So I did all the steps above and used the app name, "com.myactualdomainhere.MyApp" and made sure it matched in the application descriptor file (for AIR apps) com.myactualdomainhere.MyApp.
It would be nice if someday they could simplify this process and give better error messages. Maybe they could verify the different parts along the way, for example, "your certificate is ok, your app profile checks out, but your app id is incorrect."
Also, MilkyWay posted a link to a post that has some more helpful information.
I experienced this error working with code from another vendor. As it turns out, they were trying to compile the IPA with an Entitlements.plist file. I just deleted that block of code (below) and it compiled just fine.
<Entitlements>
<![CDATA[
<key>get-task-allow</key>
<true/>
]]>
</Entitlements>
I've just been stuck with this problem this morning, took a while to figure out so thought I'd post incase anyone else has the same issue.
We had a problem adding a device to our provisioning profile, an iPhone 5 on iOS7. It turned out that the application we were using to get the UDID (UDID+) was giving us the wrong UDID. When I used the ID returned by
adt -devices -platform ios
It worked.
In my case it was at matter of unaccepted characters in some embedded folders. Folder names that contained special characters (æ ø å or whitespace) resulted in an ApplicationVerificationFailed error. (Not exactly the most precise error description I have encountered.)
I know this is an old thread, but if anyone else is Googling around and finds this thread and it does NOT fix your issue, I wanted to share my experience on this one. If you've confirmed that your certificates and provisioning profiles are all good and are still getting this, I determined that you will receive this exact same error if you have your app configured for TESTFLIGHT. In other words, in your APPNAME-app.xml make sure that the following is commented out within the IOS entitlements section:
<key>beta-reports-active</key>
<true/>
Once I commented that out, I was able to resume debugging locally. Pissed that I spent a day on this, but at least it's working now.
This can also happen if you change your Apple ID password.
My problem was that in my Application ID under apple developers, my app wasn't checked for PushNotification, but within my xml application descriptor, I had the entitlments for push notifiaction (aps_development).
Once à removed the APS value from my XML, worked all good.
If you haven't compiled in a long time, be sure you set your compilation settings to device testing and make sure you are using your testing provisioning profile. I got this today because my settings were still on app store.
The problem for me was that I was using a .p12 file which was meant for Apple Push Notifications instead of the .p12 file of my Developer certificate..
I used the .p12 I exported from my developer certificate and it works great..!
In my case it was incorrect application id problem (different compiled app id then app id I have defined apple)
sometimes this error occurs because of you bin-debug folder.
if that folder has some unknown character or something this error occurs.
I suggest if in that case you have to clean the project or find that file and change it's name
If it was working previously, just restart the flash builder.
I did some tests today on test flight with the Entitlements tags. It need to be remove when testing localy or I get the same error.
Like jbyun94 mentionned, get rid of unknown characters in filenames.
I had files in conflict from dropbox that prevented the app from compiling.
Removed them and everything worked again (though I'd lost a couple of hours :/)

Ad Hoc distribution for beta testing xcode 4.3

After following the great tutorials from http://www.raywenderlich.com/ on how to submit your app to the app store from square one I started planning my beta test program.
I'm not going to get into details of everything that wen well but of what I'm dealing with right now.
I've read many many posts on how to create provisioning profiles for ad hoc distribution of my app to beta testers. I've focused on those helping user get the app over the air (OTA) after a forum recommendation.
I also know now that TESTFLIGHT is out there but I can't use it this time.
Everything works well except the part where the application actually gets installed on my device. I keep getting the error "Unable to Download Application" after a few seconds of pressing "Install".
There are several possibilities and combinations of certificates, profiles, signatures, and here is where I think I'm doing something wrong. I'd like to show you what I have and what I've done and maybe your experienced eyes can spot my missing step or misconfiguration.
On the iOS Provisional Portal:
1) Ad Hoc distribution profile with a couple of devices:
2) After I download and install my certificates (I've create a couple of each for testing purposes):
3) On my xCode's project configuration:
4) When I generate the archive:
5) I upload everything to my server and then try to get the .ipa to install on my iPhone (which is one of the two devices included on the profile)
And finally I get this:
What could be wrong?
The only difference I can see is in the CodeSigning, ensure both lines under Adhoc point to your certificate.
Second thing to verify: You did not mention the plist that is created during the "Save for Enterprice". Did you upload that to your server, too? And does your link point to this plist? Check out this answer for the plist stuff: How to send the build to already provisioned remote person's iPhone
I've had this exact problem even where, like you (as far as I can tell), everything is done right.
What I discovered is that if you've EVER had the url to the plist file or the app file incorrect then your iPhone will always fail to install. There's some kind of cacheing going on where the phone fails to download the updated plist file if it's previously downloaded an incorrect one.
The fix I've used is to try a different phone (that hasn't cached a previous version), or to make a new version at a different URL. Sounds crazy, but it worked for me!
We have also faced with this problem couple of times and possible reasons might be;
Due to the screen shots, did you upload your files to exact location "http://www.becomingapps.com/en/ota/" location? When you give this URL during enterprise export.
Second possible reason we have seen is mismatched App Id's.
In case you haven't solved your problem, I think you can't use a wild card in your ad hoc profile. It should have the full ...com.becomingapps.dilemma signature.
You also have to upload both the icons, but I'm assuming you did that since your screenshot shows a custom icon.
It's worth the effort to get this working, my customers love it.

Resources