Search code examples
iosxcode6code-signingcode-signing-certificate

iOS xCode6 (Application signature not valid)

This isn't the first time this has happened to me. Last time I resolved it purely by accident but that's no way to move forward. I've now lost 2 whole days on this and I have no hair left. So here's the problem. I have to re-sign an Enterprise Distributed app in order to release the latest update. I do this in terminal using the codesign function. All appears to be building correctly. No issues seen on the way through. When it comes to downloading the new app to my device, it fails and in the xCode device logs it tells me (Application signature not valid).

So i'm in a great mood at this point as I realise that i'm back in that place and that i may as well write off the rest of the week.

So here's what i've done so far to remedy this.

  • Removed all my related keys and certificates in keychain access
  • Removed saved provisioning profiles from my device
  • Revoked and destroyed all certificates in xCode and on the apple dev portal.
  • Refreshed from xcode to receive new developer and distribution
    certificates.
  • Created new certificate request files
  • Created a new app id under a new name
  • Added push services using the new signing request
  • Created a new provisioning profile with the new name and using all the new valid certificates created earlier.
  • Recreated all .plist files with the new information and code signed in terminal.

No change.

Private and public keys are all there. I've done everything mentioned in every walkthrough and answer i can find. I've been over this process so many times that i'm getting very good at it.. but it simply isn't working for me.

The only thing i can guess as the problem is that my Certficate in keychain doesn't have a code next to the description. It might be nothing but it's all i can think of at the moment. it says iPhone Distribution: <name> instead of iPhone Distribution: <name> (<teamcode>). Doesn't seem to matter how I create the keys this doesn't seem to remedy this.

If this is the case, If someone could point me to a detailed and up to date walkthrough of how to make this happen that would be a start.

And if anyone has or knows of a definitive and up to date walkthrough of how to successfully create valid and working Enterprise distribution certificates, that would be solid gold.

Here's my error log code just for fun

[MICodeSigningVerifier performValidationWithError:]: 186: Failed to verify code signature of <MIExecutableBundle : path = /private/var/mobile/Library/Caches/com.apple.mobile.installd.staging/temp.F1KrWm/extracted/Payload/<myRebuiltApp>.app identifier = com.<company>.<app> type = 4> : 0xe8008019 (Application signature not valid)
Mar 17 14:40:54 My-iPad installd[36] <Error>: 0x1d44000 -[MIInstaller performInstallationWithError:]: Verification stage failed
Mar 17 14:40:55 My-iPad itunesstored[83] <Error>: 0x681000 __MobileInstallationInstallForLaunchServices_block_invoke240: Returned error Error Domain=MIInstallerErrorDomain Code=13 "Failed to verify code signature of <MIExecutableBundle : path = /private/var/mobile/Library/Caches/com.apple.mobile.installd.staging/temp.F1KrWm/extracted/Payload/<myRebuiltApp>.app identifier = com.<company>.<app> type = 4> : 0xe8008019 (Application signature not valid)" UserInfo=0x16edcd10 {LibMISErrorNumber=-402620391, LegacyErrorString=ApplicationVerificationFailed, FunctionName=-[MICodeSigningVerifier performValidationWithError:], NSLocalizedDescription=Failed to verify code signature of <MIExecutableBundle : path = /private/var/mobile/Library/Caches/com.apple.mobile.installd.staging/temp.F1KrWm/extracted/Payload/<myRebuiltApp>.app identifier = com.<company>.<app> type = 4> : 0xe8008019 (Application signature not valid), SourceFileLine=186}

Any help on this would be hugely appreciated.

Solution

  • So I got it to work.. not sure exactly how this differed to any other time but here it is.

    • Connected both my iPad and iPhone and removed all provisioning profiles
    • Removed all (developer/distribution) certifcates from keychain access
    • Verified that Logins is the default folder
    • Revoked my certificates in Apple Dev Center
    • Created a new Distribution certificate (but didn't download it after)
    • went to xcode and refreshed the signing identities (now empty due to removing in keychainaccess)
    • requested a new developer profile from xcode (it built one for me)
    • requested a new distribution profile (there was one so it refreshed from the one i made a few seconds ago)
    • These now show up in keychainaccess
    • returned to dev center to make a brand new app id (with a new name to previous editions)
    • created a new provisioning profile and downloaded it.
    • returned to the app to unzip+modify+resign it with the new provisioning profile
    • Created new plist file and uploaded all to the SSL site
    • Went for a coffee
    • Downloaded the app to my device
    • It works.
    • Tested on my girlfriends device too.
    • Mission successful.

    having been through this so many times i have no idea which part of this was the winning part so i'm just listing them all in hope that it helps someone out. if anyone knows which part was the winning part. Do let me know. I don't know how i'd cope going through that again.