Certificates, Identifiers & Profiles

RSS for tag

Discuss the technical details of security certificates, identifiers, and profiles used by the OS to ensure validity of apps and services on device.

Certificates, Identifiers & Profiles Documentation

Post

Replies

Boosts

Views

Activity

Adding different capabilities to a Distribution profile for visionOS and iOS app
I have an app that runs on both iOS and visionOS (native). Both app use the same project, just some files and code segments are different. We do not use automatic signing. Instead we use a Distribution profile. When creating a distribution profile and adding capabilities there are certain capabilities we are using on iOS that are not available on visionOS. Like the com.apple.developer.kernel.increased-memory-limit and the Extended Virtual Addressing Entitlement. My understanding is that we can only have one Distribution profile per app (may be wrong understanding). My question is how can we have two separate distribution profiles for iOS and visionOS, so iOS can have those extra capabilities that aren't available on visionOS? I tried to create two separate targets, one for iOS and one for visionOS, but that still gives me the same issue of having the distribution profile being the same and not being able to make it unique for iOS and visionOS. Is there a correct approach to setting up the Xcode project or the distribution profile? I'm new to visionOS development and distribution profiles, any guidance would be appreciated. Let me know if you have any questions or need more clarification.
1
0
83
1d
Xcode Automatic Signing Shows Star Instead of Team ID
Hello everyone, I'm encountering an issue with Xcode's automatic signing feature. I've enabled "Automatically manage signing" and selected my development team, but instead of displaying the team ID, Xcode shows a star (*) in its place. Here's a bit more context: "Automatically manage signing" is enabled in the project settings. The selected team works perfectly in other projects. I've double-checked that the team is properly set up and has valid signing certificates. Despite these steps, Xcode still displays a star (*) instead of the actual team ID. This issue is preventing me from proceeding with my project. Has anyone else experienced this problem or have any suggestions on how to fix it?
1
0
88
4d
error: exportArchive: "Runner.app" requires a provisioning profile with the Associated Domains and Push Notifications features.
When I build with Flutter, XCODE returns an error:error: exportArchive: "Runner.app" requires a provisioning profile with the Associated Domains and Push Notifications features. I use the automatic management signing, and the provisioning profiles include related features. What should I do?
2
0
136
1w
Add new capabilities to a Provisioning Profile
We have a MacOS app that we distribute outside of the App Store. The App has an embedded provisioning profile that is still valid. We would like to add the Associated Domains capability to the app ID. Does that require regenerating a new provisioning profile and embedding it into a new version of App? If we do that, does that mean that the old provisioning profile will become invalid and the old Apps that are still running with it will stop working? Is there a way to make the transition to the new provisioning profile smooth without any downtime?
3
0
150
1w
Conflict between capability User Assigned Device Name & Contacts notes entitlements
We have requested an additional capability called "User Assigned Device Name" for my application to Apple and got approved the same on for debug/adhoc/release environments . Since then we are facing issues on code signing. We are always getting the compiler error "* Provisioning profile "xxxxxxxxxxx" doesn't support the User Assigned Device Name capability." on both Debug and Release environment. There is another capability "contacts notes entitlements" that we got approved long back when it was not apart of Apple ID(additional capabilities) rather we got approved as a part of our provisioning profile. Suppose we removed "contacts notes entitlements" from the profile and deleted it from the entitlement folder the project compiled without any error. So we are strongly believes the conflicts on the "contacts notes entitlements" is the root cause. We are about to release the version and which is blocked due to this error. So kindly look in to this issue and do the needful asap. STEPS TO REPRODUCE Added user assigned device name capability from Signing & Capability Tab in project in settings. Added the team, valid provisioning profiles and try to sign in manually. Getting the error “Provisioning profile xxxxxxxxxxxx" doesn't support the User Assigned Device Name capability." Note: Already got approval for the “user assigned device name” . Which is listed under the app id.
5
0
188
1w
Team ID suddenly changed
I developed it as Unity. Originally, I updated Unity to the latest version to fix the problem of not being able to log in to Apple. That's when I found out my team ID had changed. The current Apple membership team ID is HBEMGSUAQ3, When I check "Automatically manage sing" in Xcode Selected with the team ID "ESB392LR64". Where did this team come from all of a sudden? I've only used "HVEMGSUAQ3" for a very long time. The change in ID was a test build while developing another project yesterday, but it changed then. If I manually select the provisioning profile of my project "Failed to install embedded profile for : 0xe800801f (Attempted to install a Beta profile without the proper entitlement.)" This error appears and the test installation is not possible.. So I created a new certificate, identifier, and profile. However, it continues to be created with the ID of "ESB392LR64". Keychain registration is also naturally registered with "ESB392LR64" status. Again, my team ID is "HVEMGSUAQ3" and there is no way to check "ESB392LR64" on my dev page... This situation suddenly appeared when my certificates were updated with the ID of "ESB392LR64" on June 12, and What I suspect is that I updated my MacBook to the latest version of OS on the day of the issue. Please let me know what's going on. I'm hoping it's not a big deal....
2
0
171
1w
Importing .developerprofile from xcode 15 -> 16?
I am trying out the new xcode 16, and am trying to sign some existing apps. I have a .developerprofile from xcode 15. But I cannot find a way to import it (I think I need the private certs, in order to sign an app). There is no "import" button at the bottom of the Accounts tab, within the xcode Accounts Settings.... Is there any other way (e.g: Terminal) to import an existing .developerprofile into xcode? Or am I missing something?
1
0
180
1w
Uploading iOS app for a customer who isn't an organisation
I developed an iOS app for a customer and would like to upload it to his store page. I was given admin permissions , however I failed to upload the iOS build to his AppStore page. My account isn't being recognized as part of his developer team. After some googling, it appears that in order to upload an iOS build for someone else, that someone must enroll as an organisation to give me the proper certificates. My customer tried to enroll as an organisation, however he was rejected by Apple due to "Your legal structure is a Proprietorship. Apple states “If you are a Sole Proprietorship/Single Person Company, enroll as an individual.” Is there a way for me to upload the app to his Appstore page?
2
0
128
1w
Errors building with manual provisioning profile and packages with PrivacyInfo
Errors building with manual provisioning profile and packages with PrivacyInfo.xcprivacy added. When I look at the changes in the package, the only difference is adding this .xcprivacy file. The error looks like this: PLCrashReporter_CrashReporter does not support provisioning profiles, but provisioning profile *** has been manually specified. Set the provisioning profile value to "Automatic" in the build settings editor. Using an Enterprise certificate with manually created provisioning profile, I don't have the option to choose automatic. And I can't change build settings for the swift packages. Does anyone know how I can work around this issue?
3
0
166
1w
Apple TV as iPod in Apple Developer Center
I have a bizzare issue with my Apple TV that is shown as "iPod" in Apple developer portal. It's correctly visible in Xcode as Apple TV, but when I add it to developer portal it says "iPod". The problem is since it's there as an iPod I can't use it to my provisioning profile to build on the device Anyone has any idea how this can be solved? [Edited by Moderator]
3
0
181
1w
No profiles for ... were found
Hi, I'm having some problems signing my application. Everything was working fine until recently when the certificates expired and I got these kinds of errors when I try to upload the app to AppStoreConnect. I can build the app in dev and production mode without any issue and I can create an archive. Problems occur when uploading to AppStoreConnect. The idea would be to let Xcode take care of signing everything necessary by checking the "Automatically manage signing" box. All my targets are in "Automatically manage signing" mode. I tried to delete all the certificates and provisioning profiles that I found on the Apple portal and then generate them again, but the problem is the same. There are two of us on the team, plus a CI machine (this should be the CI that takes care of signing everything needed to send a release to AppStoreConnect). If you have an idea, I'm interested! Thanks in advance, Alexandre
2
0
257
2w
security set-key-partition-list valid values
Hi Devs, i have a question concerning the security set-key-partition-list -S command. I want to use it to enable a code signing certificate being used by codesign and productbuild to sign without sudo or a password prompt. Some sources indicate i need to add codesign: as partition but some don't even mention this. So my question is what partitions are even possible to add? What does partitions in this context mean? How can i find out which i need for productbuild and codesign? Thanks in advance Paul
1
1
338
3w
profile doesnt support tap to pay iphone
I'm trying to upload my app with Tap to Pay on iPhone functionality. However, I'm getting error message "Profile doesn't include com.apple.developer.proximity-reader.payment.acceptance entitlement." I've confirmed many times that I have the distribution profile with this capability. Any idea what might be the issue? The development environment works perfectly. please check my post on apple forum. https://forums.developer.apple.com/forums/thread/755736
0
0
317
3w
About ITMS-91065
In order to facilitate management, we integrate some SDKs such as Firebase into one of our own internally used SDKs. Recently, when submitted to the appstore, we were prompted that FirebaseCrashing included in the SDK lacked the necessary signature (ITMS-91065). The information that can be confirmed is that after packaging the SDK through secondary packaging, the original signature is lost. And we have a static reference. So what I want to ask is whether we can only manually sign our secondary packaging sdk (the signature is our own certificate different from the original Firebase) to solve this ITMS-91065 problem. According to the description of the Apple Developer Conference, Apple only verifies the consistency and security of the SDK and does not record the signature of each SDK on Apple's servers. Therefore, you should only need to ensure that the SDK is in a signed state to comply with Apple's review requirements. (My guess is still being verified)
2
0
585
May ’24
Mobile provision "cannot be copied to this iPad because it cannot be played on this iPad"
Trying to install a mobile provision on my iPad from Windows 10 using iTunes. The error message is as above. I've checked and rechecked the mobile provision. The UUID of my device is contained within my mobile provision. I also tried on MacOS with the same error code. I'm not sure what else to try. I tried making a new mobile provision, I tried readding my device (which isn't possible since it's just the same UUID as an already existing device. I updated iTunes to the latest verison, I've upgraded my iPad OS to the latest version (17.5)
2
0
234
May ’24
How does one create a provisioning profile for embedded DEXT for iPhoneOS that is signed with a distribution cert?
I've been developing a solution that has an embedded USB driver. I can build and run my solution just fine but I cannot pass verification for uploading to App Store Correct and TestFlight The problem is that the provisioning profile I am using (for development) does not have the explicit Vendor ID (idVendor) but is using the development value of asterisk "*". I've created a release version of my entitlements file with the proper Vendor ID and I have a distribution certificate for iOS. Further, I've created a provisioning profile for app-store distribution (not development) and imported it via Xcode. When I select this provisioning profile, I get the following errors from Xcode: Xcode 14 and later requires a DriverKit development profile enabled for iOS and macOS. Visit the developer website to create or download a DriverKit profile. Provisioning profile "MyProvisioningProfile - App Store" doesn't match the entitlements file's value for the com.apple.developer.driverkit.transport.usb entitlement. If I create and use a DriverKit profile, The Xcode UI errors go away on the "Signing & Capabilities" page. However, these profiles seem to be for development only. I then get an error, during compilation, telling me that the app and extension have two different signers, one for development (DEXT) and one for distribution (App). To sum up, using a DriverKit profile fails during the build process and using a distribution profile is a non-starter for Xcode. I can't even build. What do I need to do to get this to work?
2
0
313
May ’24
DriverKit: embedded.mobileprofile has the wildcard USB Vendor ID instead of my assigned Vendor ID
I've added my Vendor ID to the appropriate entitlement files but my binary fails validation when trying to upload it to the store for distribution. The embeded.mobileprovision file in the generated archive shows an asterisk instead of my approved Vendor ID. How can I make sure the embedded provisioning file has my Vendor ID?
2
0
323
May ’24
Target release_unpack_ios failed: Exception: Failed to codesign
I'm trying to compile my project to upload to the Apple Store, but I'm encountering the following error and I'm not finding a solution. Target release_unpack_ios failed: Exception: Failed to codesign /Users/projetos03/Library/Developer/Xcode/DerivedData/Runner-fawumbalfprcejfqeukpogdffliw/Build/Intermediates.noindex/ArchiveIntermediates/Runner/BuildProductsPath/Release-iphoneos/Flutter.framework/Flutter with identity 8AEA2F49955A0 9A7CD98E041ABA46E18BAE7745E . /Users/projetos03/Library/Developer/Xcode/DerivedData/Runner-fawumbalfprcejfqeukpogdffliw/Build/Intermediates.noindex/ArchiveIntermediates/Runner/BuildProductsPath/Release-iphoneos/Flutter.framework/Flutter: replacing existing signature Warning: unable to build chain to self-signed root for signer "Apple Development: Flavio Alves (36WNMDQCH4)"
2
0
542
May ’24