All geek questions in one place

Invalid code verification. The signature is invalid, contains forbidden rights, or it was not signed with the distribution

I try to connect an iOS application to iTunes Connect, but I get this error when I try to check it in Xcode:

Application failed codesign verification. The signature was invalid, contains disallowed entitlements, or it was not signed with an iPhone Distribution Certificate

I saw a lot of questions related to the same problem, but for me this did not work. I follow every step of the Apple Technical Note TN2250 . I verify that the distribution profile for the release is selected in the build settings (I tried with a wildcard and user-defined for the application), and the scheme is correct. To have the application signed with this profile, I use the codesign -d -vvvv MyApp.app and get something like:

 Executable=/Users/myuser/Library/Developer/Xcode/Archives/2012-09-17/myapp 17-09-12 09.27.xcarchive/Products/Applications/MyApp.app/MyApp Identifier=com.example.MyApp ... Authority=iPhone Distribution: My Company Authority=Apple Worldwide Developer Relations Certification Authority Authority=Apple Root CA ...

I check the rights that I did not change with security cms -D -i MyApp.app/embedded.mobileprovision , getting this:

 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>ApplicationIdentifierPrefix</key> <array> <string>PR3F1X</string> </array> <key>CreationDate</key> <date>2012-09-17T07:20:35Z</date> <key>DeveloperCertificates</key> <array> <data> ... </data> </array> <key>Entitlements</key> <dict> <key>application-identifier</key> <string>PR3F1X.com.example.MyApp</string> <key>get-task-allow</key> <false/> <key>keychain-access-groups</key> <array> <string>PR3F1X.*</string> </array> </dict> <key>ExpirationDate</key> <date>2013-09-16T07:20:35Z</date> <key>Name</key> <string>PROFILE NAME</string> <key>TeamIdentifier</key> <array> <string>PR3F1X</string> </array> <key>TimeToLive</key> <integer>364</integer> <key>UUID</key> <string>...</string> <key>Version</key> <integer>1</integer> </dict> </plist>

The package identifier of this application looks like com.example.MyApp, and I thought that problems with the upper cases could be a problem, but changed them, and this did not happen. After that, I revoked my certificates, received fresh mobility profiles, and again went through the whole process, without any success.

The software I use is Xcode 4.3.2 with Mac OS X 10.7.4

I don’t see where the problem is, I'm missing something.

EDIT 1: Do I need to change the package identifier to change some other parameters manually?

EDIT 2: I just made an example application from scratch, signed it with the same certificates, and everything goes smoothly, so it seems that the problem is in the configuration. I'm trying to see the differences between the two project settings, but the only great thing would be that the first one is only an iPad and it uses a couple of PhoneGap plugins.

+6
source share
1 answer

I had the same problem. You should have verified your application signature, see How to verify the rights to my application signature as follows:

codesign -d --entitlements - /path/to/MyGreatApp.app

This is OK , and I don't know what your error is if you get something like:

 Executable=/path/to/MyGreatApp.app/MyGreatApp ??qq?<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>application-identifier</key> <string>ABC123DE45.com.appleseedinc.mygreatapp</string> <key>get-task-allow</key> <false/> <key>keychain-access-groups</key> <array> <string>ABC123DE45.com.appleseedinc.mygreatapp</string> </array> </dict> </plist>

But if you only get:

Executable=/path/to/MyGreatApp.app/MyGreatApp

Then this is the problem. You probably damaged your rights while writing off code using the codesign tool.

I took the following steps to fix this:

  • Archive any application in Xcode.
  • Choose "Distribute ..." β†’ "Save for Enterprise Ad-Hoc Deployment" as AppName.ipa
  • Unzip AppName.ipa
  • Create a file with subscription access rights: codesign -d -entissions: enterprise.plist Payload /PathToApp.app/
  • Go to the folder where the downloaded application is located.

  • Create a Provisioning profile permissions file:

    security cms -D -i / path / to / the.app / embedded.mobileprovision> provision_entitlements.plist

  • Open the file pres_entitlements.plist and enterprise.plist. Change the enterprise.plist settings, it should be equal to the property provision_entitlements.plist-> Rights. Save the changes.

  • When you cancel the application, add the --entencesments enterprise.plist argument to the codeign tool.

     codesign -fs "iPhone Distribution: My Company" APP_DIRECTORY --entitlements enterprise.plist
0
source

Source: https://habr.com/ru/post/925552/

More articles:


All Articles