How to re-sign the ipa file

Question

How do I sign the  ipa file with a provisioning profile after I generate an IPA like the following with a different provision profile  I would like to sign the IPA with an ad-hoc provisioning profile for beta testing  and then re-sign the exact IPA with an app submission provisioning profile for the app store    usr bin xcrun -sdk iphoneos PackageApplication -v    RELEASE BUILDDIR    APPLICATION NAME  app  -o    BUILD HISTORY DIR    APPLICATION NAME  ipa  --sign    DEVELOPER NAME   --embed    PROVISONING PROFILE

User · Answer

Kind of old question  but with the latest XCode  codesign is easy     codesign -s my certificate example ipa     codesign -vv example ipa example ipa  valid on disk example ipa  satisfies its Designated Requirement

User · Answer

Check iResign for an easy tool on how to do this    edit  after some fudling around  I found a solution to keychain-aware resigning  You can check it out at https   gist github com Weptun 5406993

User · Answer

It s really easy to do from the command line  I had a gist of a script for doing this  It has now been incorporated into the ipa sign script in https   github com RichardBronosky ota-tools which I use daily  If you have any questions about using these tools  don t hesitate to ask  The heart of it is this  CODESIGN ALLOCATE  xcrun --find codesign allocate   export CODESIGN ALLOCATE IPA  quot  path to file ipa quot  PROVISION  quot  path to file mobileprovision quot  CERTIFICATE  quot Name of certificate  To sign with quot    must be in keychain   unzip the ipa unzip -q  quot  IPA quot    remove the signature rm -rf Payload   app  CodeSignature   replace the provision cp  quot  PROVISION quot  Payload   app embedded mobileprovision   sign with the new certificate  --resource-rules has been deprecated OS X Yosemite  10 10   it can safely be removed   usr bin codesign -f -s  quot  CERTIFICATE quot  Payload   app   zip it back up zip -qr resigned ipa Payload  Your new signed app is called resigned ipa

User · Answer

Try this app http   www ketzler de 2011 01 resign-an-iphone-app-insert-new-bundle-id-and-send-to-xcode-organizer-for-upload   It supposed to help you resign the IPA file  I tried it myself but couldn t get pass an error with Entitlements plist  Could just be a problem with my project  You should give it a try

User · Answer

Fastlane s sigh provides a fairly robust solution for resigning IPAs  From their README   Resign If you generated your ipa file but want to apply a different code signing onto the ipa file  you can use sigh resign      fastlane sigh resign sigh will find the ipa file and the provisioning profile for you if they are located in the current folder  You can pass more information using the command line      fastlane sigh resign   path app ipa --signing identity  quot iPhone Distribution  Felix Krause quot  -p  quot my mobileprovision quot   It will even handle provisioning profiles for nested applications  eg  if you have watchkit apps

User · Answer

The answers posted here all didn t quite work for me  They mainly skipped signing embedded frameworks  or including the entitlements    Here s what s worked for me  it assumes that one ipa file exists is in the current directory    PROVISION   path to file mobileprovision  CERTIFICATE  Name of certificate  To sign with    must be in the keychain  unzip -q   ipa rm -rf Payload   app  CodeSignature     Replace embedded provisioning profile cp   PROVISION  Payload   app embedded mobileprovision    Extract entitlements from app codesign -d --entitlements  entitlements plist Payload   app     Re-sign embedded frameworks codesign -f -s   CERTIFICATE  --entitlements entitlements plist Payload   app Frameworks      Re-sign the app  with entitlements  codesign -f -s   CERTIFICATE  --entitlements entitlements plist Payload   app   zip -qr resigned ipa Payload    Cleanup rm entitlements plist rm -r Payload

User · Answer

I ve updated Bryan s code for my Sierra iMac     this version was tested OK vith macOs Sierra 10 12 5  16F73  on oct 0th  2017   original ipa file must be store in current working directory   IPA  ipa-filename ipa  PROVISION  path-to mobileprovision  CERTIFICATE  hexadecimal-certificate-identifier    must be in keychain   identifier maybe retrieved by running  security find-identity -v -p codesigning    unzip the ipa unzip -q   IPA     remove the signature rm -rf Payload   app  CodeSignature    replace the provision cp   PROVISION  Payload   app embedded mobileprovision    generate entitlements for current app cd Payload  codesign -d --entitlements -   app  gt  entitlements plist cd    mv Payload entitlements plist entitlements plist    sign with the new certificate and entitlements  usr bin codesign -f -s   CERTIFICATE   --entitlements   entitlements plist   Payload   app    zip it back up zip -qr resigned ipa Payload

User · Answer

Unzip the  ipa file by changing its extension with  zip Go to Payload  You will find  app file Right click the  app file and click Show package contents Delete the  CodeSigned folder Replace the embedded mobileprovision file with the new provision profile Go to KeyChain Access and make sure the certificate associated with the provisional profile is present Execute the below mentioned command   usr bin codesign -f -s  iPhone Distribution  Certificate Name  --resource-rules  Payload Application app ResourceRules plist   Payload Application app  Now zip the Payload folder again and change the  zip extension with  ipa   Hope this helpful   For reference follow below mentioned link  http   www modelmetrics com tomgersic codesign-re-signing-an-ipa-between-apple-accounts

[ios] How to re-sign the ipa file?

Examples related to ios

Examples related to ios-provisioning

Examples related to ipa