George McKinney Adventures in Software Development

February 4, 2021

iPhone App Signing (manual process)

Filed under: Flash Debugger,iOS,iPhone,Mobile — georgemck @ 10:49 pm

Scenario: created an iPhone app for Grip 411 using Adobe Air for Mobile now managed by Samsung Harman’s AIR SDK. The build process created the app’s grip411.ipa properly but was rejected by Apple because:
‘ERROR ITMS-90034: “Missing or invalid signature. The bundle ‘com.grip411.release’ at bundle path ‘Payload/Grip’ is not signed using an Apple submission certificate.”‘ Reason: Apple updated their code signing tools which get updated automatically using the latest version of XCode but since I am still on the previous version the certificate for signing had not been updated yet.

The process below uses a manual signing process via the command line.

# same process worked on Feb. 4, 2021
# had to first update the certificate APPLEWWDCRCA3.cer and install it into KeyChain Access

# this version was tested OK vith macOs Sierra 10.12.5 (16F73) on oct 0th, 2017
# original ipa file must be store in current working directory

CERTIFICATE="hexadecimal-certificate-identifier" # must be in keychain
# identifier maybe retrieved by running: security find-identity -v -p codesigning

# unzip the ipa
unzip -q "$IPA"

# remove the signature
rm -rf Payload/*.app/_CodeSignature

# replace the provision
cp "$PROVISION" Payload/*.app/embedded.mobileprovision

# generate entitlements for current app
cd Payload/
codesign -d --entitlements - *.app > entitlements.plist
cd ..
mv Payload/entitlements.plist entitlements.plist

# sign with the new certificate and entitlements
/usr/bin/codesign -f -s "$CERTIFICATE" '--entitlements' 'entitlements.plist' Payload/*.app

# zip it back up
zip -qr resigned.ipa Payload

No Comments

No comments yet.

RSS feed for comments on this post. TrackBack URL

Sorry, the comment form is closed at this time.

Powered by WordPress