To those needing to push out a critical update as I did: disable Xcode's "Automatically manage signing" and build your app using manually provided certificates/provisioning profiles.
Quick step by step on how to create them on https://developer.apple.com/ if you need to:
Head over to Certificates and create an "Apple Distribution" certificate, download it to your disk and open it with Keychain Access.app.
Next, go to Profiles and create a Distribution App Store provisioning profile for each target you need to sign (usually your main bundle ID, but you may need to create one if you have additional targets such as notification service extensions).
Then in Xcode:
Under "Signing & Capabilities", uncheck "Automatically manage signing" for any target that's using it
Import the provisioning profile you just downloaded
Archive your app
Once your archive is ready, in Organizer select "Distribute App" then "App Store Connect".
Select "Export" instead of "Upload"
Assign provisioning profiles as required
Export to the Desktop
Finally upload the exported .ipa file using Transporter.app (get it on the App Store, the forum wouldn't let me link this one). This is a rather straightforward app.
So, it's a big hassle no doubt, but this allowed me to push out a highly critical update anyhow!
You might also consider setting up fastlane, avoiding the Xcode automatic stuff while allowing more flexibility to build apps. It was on my to-do list; now I guess the setup time investment will be worth the peace of mind...
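Added example, not part of the original post: a pre-archive check that a downloaded provisioning profile is an unexpired App Store distribution profile and covers a given target's bundle ID, which is why the steps above create one profile per target. The profile bytes, team ID `ABCDE12345` and `com.example.*` bundle IDs are constructed, and the check reads the embedded plist only; it does not verify the profile's CMS signature.

```python
import plistlib
from datetime import datetime, timezone

def extract_plist(blob: bytes) -> dict:
    # A .mobileprovision is a CMS-signed container whose payload is an XML plist.
    # This reads the payload only; it does NOT verify the CMS signature.
    start, end = blob.find(b"<?xml"), blob.find(b"</plist>")
    if start < 0 or end < start:
        raise ValueError("no embedded plist found")
    return plistlib.loads(blob[start:end + len(b"</plist>")])

def check_profile(blob: bytes, bundle_id: str, now: datetime = None) -> list:
    """Return reasons the profile cannot sign bundle_id for the App Store."""
    now = now or datetime.now(timezone.utc).replace(tzinfo=None)  # plist dates are naive UTC
    p = extract_plist(blob)
    ent = p.get("Entitlements", {})
    problems = []
    if p["ExpirationDate"] <= now:
        problems.append("expired")
    if "ProvisionedDevices" in p:
        problems.append("has device list (development or ad hoc)")
    if p.get("ProvisionsAllDevices"):
        problems.append("enterprise in-house profile")
    if ent.get("get-task-allow"):
        problems.append("get-task-allow is true")
    # application-identifier is "<prefix>.<bundle id>", possibly ending in a wildcard.
    app_id = ent.get("application-identifier", "")
    pattern = app_id.partition(".")[2]
    ok = bundle_id.startswith(pattern[:-1]) if pattern.endswith("*") else bundle_id == pattern
    if not ok:
        problems.append(f"covers {pattern!r}, not {bundle_id!r}")
    return problems

def make_sample(**overrides) -> bytes:
    # Constructed profile payload; the surrounding bytes stand in for the CMS envelope.
    profile = {
        "Name": "Constructed App Store Profile",
        "TeamIdentifier": ["ABCDE12345"],
        "ExpirationDate": datetime(2031, 1, 1),
        "Entitlements": {"application-identifier": "ABCDE12345.com.example.app",
                         "get-task-allow": False},
    }
    profile.update(overrides)
    return b"\x30\x82\x00\x00" + plistlib.dumps(profile) + b"\x00\x00"

if __name__ == "__main__":
    # The main app's profile does not cover the extension target.
    print(check_profile(make_sample(), "com.example.app.NotificationService"))
```

On a real file, pass the bytes of the downloaded `.mobileprovision` and the target's bundle ID; an empty list means none of these checks failed.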