ITMS-90034: Missing or invalid signature

After uploading a new App to the App Store Connect i receive an e-mail stating:

ITMS-90034: Missing or invalid signature - The bundle '...' at bundle path 'Payload/...' is not signed using an Apple submission certificate.


The App don't use any capability.

I've used Xcode to upload, as in a previous App which now is on the App Store.

All the apps use the default configuration: "Automatically manage signing", Provisioning profile "Xcode Managed Profile", Signing Certificate Apple Development: ############

The requested Signing Certificate is present in the keychain in 3 versions, the last one is valid (the older 2 are revoked).


What I should correct?

  • 1

  • 1 to the club. Any news on that topic?

We also had this error because someone committed the ipa file into git and then fastlane always used that old ipa file. So we had this error not because the certificates on the build machine expired, we had this error because the certificates we used to sign the old ipa file expired
Estou tendo o mesmo problema não consigo achar resposta para solução de forma alguma.

Uso o Mojave versão 10.14.6 Xcode versão 11.3.1

Teria associação ao problema?

Alguém conseguiu resolver?
Go to Xcode -> prefererancs -> Account section. Make sure all your certificates are available. Increment your build no, archieve, and re-submit.
Hope that will resolve your issue.
  • 1

We are having this same issues with some apps but not all of them. Triple checked distribution cert and provisioning profiles. We are uploading using altool via command line. Other apps work just fine as they always have, but a few are failing to upload.

This is the error we are currently receiving (redacted info):

Code Block
*** Error: code -18000 (ERROR ITMS-90034: "Missing or invalid signature. The bundle 'com.mybundle.id' at bundle path 'Payload/My App Name.app' is not signed using an Apple submission certificate.")


I have a ticket out with Apple on this, and will update this thread with any findings.
Perhaps the fix has been implemented in Xcode 12.5 Beta 3:

Resolved Issues
Fixed an issue that caused OS X 10.11 and earlier to reject packages signed on OS X 10.11 and earlier. (71695608)

Known Issues
OS X 10.11 and earlier may reject code signatures added to universal binaries by Xcode 12.5. (70724583) (FB8830007)

Workaround: Specify --digest-algorithm=sha1,sha256 to the codesign utility at signing time. In Xcode, specify this using the OTHER_CODE_SIGN_FLAGS build setting.

I had the issue with xcodebuild & altool pipeline building iOS app while tvOS was fine. Build & upload iOS from Xcode IDE was fine as well. After @Luca_65 option --digest-algorithm=sha1,sha256 in OTHER_CODE_SIGN_FLAGS xcodebuild & altool iOS pipeline was fixed.

macOS Catalina 10.15.7
Xcode 12.4

  • 1 club

HERE IS THE ANSWER :D

Apple has updated Developer Relations Intermediate Certificate. Just download the certificate from here and install it. If it doesn't works have a look on https://developer.apple.com/support/expiration/

The answer was found in this post:
https://developer.apple.com/forums/thread/662300
I have the same issue. Does Apple look at these questions? No solution posted?
ITMS-90034: Missing or invalid signature
 
 
Q