Over the past couple of days I've worked my way through all the prior posts on here that I could find that seemed to be related (many of them appear to be horrifically out of date and less than useful now), as well as the Apple Troubleshooting and Maintaining Your Signing Identities and Certificate guides (not to mention the usual Internet searches).
The app in question was deploying fine until the latest XCode update, but now fails to upload (build is successful obviously, and there have been code changes as well):
ERROR ITMS-90161: "Invalid Provisioning Profile. The provisioning profile included in the bundle *content removed* is invalid. [Missing code-signing certificate]. A Distribution Provisioning profile should be used when submitting apps to the App Store. For more information, visit the iOS Developer Portal."
It's not the first time I've mysteriously had a failure like this, but in prior cases simply revoking the certs, removing the profile, then rebuilding would take care of it. Not so in this case.
The provisioning profile is confirmed to be the correct type, and the code signing certificate sure looks like it's in there... Certificate gets a nice green checkmark too. Any new suggestions not covered in the usual places?
It turns out that there's nothing wrong with the certificate itself, but it's the upload process which needs to be done different.
In the past I had been deploying the distribution outputs from Cordova CLI via the Application Loader. The App store no longer accepts my builds when done that way.
With the current version of XCode, I need to use the GUI now and set the build target to "Generic iOS Device" and then do an "Archive" operation. The archive will upload the app through a different loader, which the App store will accept.
Related
I get this error when trying to validate, now theres tons of these questions, the problem is, none of their solutions have worked.
The top highlighted one is my distribution provisioning file thats associated with the project in question.
you can even see it's online.
so I have the profile, I have the app ready for uploading (how do you change the date for when it can be available on the app store AFTER you have said "yes these details are right, now lets get ready to upload?").
But I can't validate. every time I log in to "validate" I get that error. I have all the profiles required I have tripple checked every thing, but being VERY NEW to IOS dev, I am sure I missed some crucial step.
Please help.
1) Have you created a Distribution Certificate and downloaded it?
2) Have you created App Store provisioning profile?
3) Are the code signing identities have been properly setup in your project?
If yes to the above then try manually downloading the provisioning profile from the developer portal and restarting XCode.
Now that the app I created last year has enjoyed a year's worth of functional success, my Enterprise users are beginning to see alerts indicating that the provisioning profile is about to expire.
The Code Signing business of the app gave me tremendous difficulty in the beginning, and now it's doing it again. I think it's because all the information I can find about it refers to apps to be distributed in the App Store, but not for Enterprise apps. The "Tools Workflow Guide for IOS" seems only to be helpful for App Store distribution.
I did finally get it working just by trial and error, by setting all of the Code Signing Identities to "iPhone Developer," but I really need to understand the proper way to do it and why it works that way. And I need the "Idiot's Guide" version.
First, I think what is hanging me up is understanding the Distribution aspect. Is "Distribution" only in reference to an app that is bound for the App Store? This being an Enterprise app, does Distribution apply? Any time I try to create a Distribution profile and include it in Distribution/Release for the Code Signing Identity, compile fails. It works ok if all Code Signing Identities are set as "iPhone Developer." Does that mean it is going to always need a Developer provisioning profile, and never a Distribution profile?
The "iPhone Developer" profile always comes up in the Code Signing Identity section of Build Settings as "(currently matches 'iPhone Developer: Bill Norman(4GR2 etc) in 'iOS team". But any other profile doesn't say anything like that, and so none of the other profiles work. If they don't work, why are they there? And do I need to delete them?
And yes, there are lots of profiles listed that are the result of many trials and errors. Only one appears in the Profiles section of the iPhone's Settings, and that's the iOS Team Provisioning Profile.
If it does need a "Distribution" profile, how do I make it work?
Next question: Will my Enterprise users need to download and re-install the app to get the new provisioning profile? Or will it do it by itself, seamlessly? Or will it inform my users that the profile has expired, and they need to do such-and-such to get their app to work?
More: The Developer profile only lasts for a year, while the Distribution profile lasts three years. Obviously it would be helpful to make it last three years, but can we do that with an Enterprise app?
My apologies for my continued inability to fathom the inner workings of this stuff. And many thanks to anyone who can help.
First thing that you want to do is delete all of those extra provisioning profiles that you created through trial and error. Just totally remove them from the organizer. The difference between developer provisioning profiles and distribution provisioning profiles is that developer profiles will only work on devices that are registered with that developer profile, meaning test devices. You would not be able to sign an app with a developer profile and then put it on any device, only devices that you have registered to work with that profile. In the distribution zone you will have app store distribution and Ad Hoc distribution. App store refers to the Apple App Store which you must submit your app to apple for that. Ad Hoc distribution allows developers who have enterprise accounts to distribute to any device via the internet or other methods.
I would need more information when you say that compile fails with distribution but generally speaking, you would click the product tab and then click on archive. When the archiving is complete and the archive window pops up, you would click on the button that says Distribution in the bottom right corner. You would then click on the Save for Enterprise or Ad-Hoc deployment option. You choose your distribution code signing identity when asked which identity to use and hit next. Here comes the tricky part: On the next section where you are choosing where to save the app, you click on the option, save for Enterprise distribution. There are two fields that need to be filled in here, the first is an application url, this is the exact url where you will be hosting the ipa file, for example http://www.somewebsiteyouown.com/myApplication.ipa
The second is the ApplicationTitle which will just be your app title: myApplication.
This process will generate for you a plist and an ipa file, you put thos both on the server and link to the plist from a button or link on a webpage. The plist is like the instructions on where the ipa file is and what to do with it.
This question is, in some ways, a follow up on my earlier question regarding Push Notifications. After much time wasted I have more or less concluded that the issues I am running into, particularly with Titanium, are down to my not configuring my Keychain in the right order. I am now contemplating redoing it all from scratch but thought it best to first post a question here to establish the right way. Here is what I am planning to do
Log in to my Apple iOS provisioning portal account, download and install the Apple WWDRCA cert
Open up KeyChain and create a new certificate signing request. I call it myname.certS... .
Go to the provisioning portal account and use the CSR created above to secure my development and production certificates.
Download and install those certs on my machine by double clicking on them
Back in the provisioning portal create my first appID - call it, com.example.push
Back in KeyChain create a new csr - push.certSig... .
Back in the provisioning portal choose the new appID and configure it for Push using the new csr
Still in the provisioning portal select Devices and add the UUIDs for the devices on which I want to test my app
Still in the provisioning portal select Provisioning and create a new development and production provisioning profile for the app. The latter has AdHoc selected. Use the certificates created earlier. At this stage assign only one device in each profile.
Submit the profile, wait then edit it and add the remaining devices - I am doing this because I have read that there is bug somewhere that stops the provisioning profile from using the Push configuration for the appID in question the first time round
Download and install the two provisioning profiles
Well as I write I have followed all of these steps. I then wrote and compiled a simple Titanium mobile project and tried the Install To Device option with the AdHoc profile created above. Everything went swimmingly well and I got my IPA. I took the IPA and fed it to TestFlightApp which reported Invalid Profile: developer build entitlements must have get-task-allow set to true. So I tried again with the Development profile. This time round TestFlightApp accepted the IPA. In installed it on my iPad but still find that registerForPushNotifications is going away into the ether with nothing being reported - no success, no erors... just a defeaning silence.
I have to admit that I am at my wits end here. I am clearly doing something wrong but I haven't got the foggiest idea what it could be. If I had a million dollars I would give em away to anyone who could set me on the right track. Well I don't so I hope someone just puts me on the right track out of sheer goodness
tried the Install To Device option with the AdHoc profile created above. Everything went swimmingly well and I got my IPA
That doesn't sound right. You aren't installing to a device, you're generating a distributable build. I'm not familiar with Titanium's build process, but in Xcode 4, you select Archive to generate the IPA, and Xcode generates the appropriate entitlements at that point. If you're using an option intended to install directly onto a device, it won't generate those entitlements.
So I tried again with the Development profile.
This doesn't sound right either. You should be using the distribution profile.
I've been living the nightmare of trying to submit an app to the iTunes store... The newest massive waste of time is an error message that I get when I try to validate or distribute my archive from the "organizer".
The exact message is:
My Xcode is version 4.3.2. I'm pretty sure my WWDR is installed, because this has never been an issue before. I also tried to re-install it just to be safe.
The most frustrating/confusing part is that I JUST submitted my app successfully two weeks ago and nothing was changed. My app was rejected for meta-data reasons. I fixed those issues, re-installed one of my plugins, and now this.
Any suggestions? Even a link to some helpful documentation would be great. I've found the Apple developer docs extremely confusing and UN-helpful.
EDIT1:
I think I may have gotten closer to the problem. I changed some of the build settings and now my build fails with this error:
Code Sign error: Certificate identity 'iPhone Distribution: [my name]' appears more than once in the keychain. The codesign tool requires there only be one. I want to fix this but I'm not clear on which code signing profile should be set where. There are different settings depending on whether I click the "project" icon or the "target" icon and each of those has four different choices. Do all of these require code signing? Can anyone give me an example of a working configuration?
EDIT2:
I think I maybe found the problem. There is a small note that says my Distribution profile has no provisioning portal. I've been downloading and installing new .mobileprovision files but they all say "Developer". I think just need to figure out to download a new distribution profile.
SOLUTION:
Thanks to some pointers from Saad (see below), I figured out what was wrong. I was using the auto-select option for code signing, and the only distribution profile had an invalid provisioning profile. This happened very quietly, and I'm not sure why. I only noticed it when I went back into the provisioning portal to create a new distribution profile. After installing this, everything works.
your provisioning profile is not properly set
Code Sign error: Certificate identity 'iPhone Distribution: [my
name]' appears more than once in the keychain. The codesign tool
requires there only be one.
Open Applications > Utilities > Keychain Access and search for your Distribution certificate. Sometimes the Xcode Organizer decides to generate a new certificate for you and invalidates your old one, but does not remove it from your keychain. Remove the expired/older certificate and quit/re-launch Xcode (make a backup first, in case, by dragging to Desktop or Exporting). That should at least clear up part of your problem.
As for the provisioning profile, if that still is a problem, I'd manually go into the iOS development center and download the App Store Distribution Provision Profile for your app, removing all other provisioning profiles, until you figure this out. Quitting and relaunching Xcode when dealing with certs/provisioning profiles is something I've always had to do.
project identifier and your profile identifier must match
So I have a few questions here.
I started doing App development a while ago and am starting to submit Applications. And my question site mostly around the APPId's. Reason I am asking is because I am getting signing error's, and I think this is why.
com.Company1.App1
com.Company2.App2
or
com.MyCompany.App1
com.MyCompany.App2
I am using the format of com.MyCompany.App1 and com.MyCompany.App2, and I have recently created the APP ID's and provisioning profiles, have them installed, have them selected in Build Settings for Distribution. I have restarted XCode done a Clean on the Apps before Building them. But it keeps giving me the error and therefore I can't upload to the App Store.
Also, I assume you just create one Certificate for all your apps, using the Company Name you have in your App Developer Profile online...correct?
UPDATE: Here is the specific error message. Also it's XCode 4 and when I goto Project->AppName->Build Settings, the correct Distribution profile is selected under Distribution.
Application failed codesign verification. The signature was invalid, or it was not signed with an Apple submission certificate. (-19011)
Go to Target->yourapp->Get Info->Build in xcode and selected appropriate profile in code signing identity.
Let me know if you have any question.