In-House Distribution App Fails to Install on Device

Provisioning Profile: In-House iOS Distribution

Owned by our company


In info dialog on provisioning profile and cert, I am told that everything matches and is good. Not expired and all is valid.


Architectures: armv7 and arm64


All capabilities turned off in build settings.


Distribution target: iPad Air generation 3 [Apple iPad Air (3rd generation - MV162LL/A), iOS 12.2]


Distribution method: USB connection via Apple Configurator 2. Device is supervised with only the default profile to ensure there is nothing restricting installations.


XCode V#: 10.3

MacBook Pro (Retina, 15 inch, Mid 2015)

Mac OS Mojave (10.14.4) (18E226)


ERROR seen in Apple Configurator 2 console when trying to install application:


Oct 1 11:34:05 iPad appstored[141] <Error>: [ODRLaunchServicesObserver]: Application [bundle ID] is invalid, ignoring the install notification from LaunchServices


Exits with error code 1. I can't find more details on what exactly is invalid about my application, which will deploy just fine if build with marker (not bitcode) and application is approved once deployed onto the device.

Replies

Hello alex.pritchard.levelupdevelop,
How are you generating the IPA file that you are trying to install on the device? From the error, my suspicion would be that maybe the Bundle ID either does not exist or it does not match what is in the provisioning profile that is being installed with the mobile application. The later of the two is easy to have happen if you are re-signing the mobile application. Do you know how to check for this?


Additionally, do you know if the application has Extensions or a Watch App and accompanying Extensions?


Is the iOS device connected to the internet while you are trying to install the application?


Hopefully this helps!

XCode.

Scheme target -> generic iOS device

from the ℹ info box on the selected provisioning profile, App ID matches Bundle ID


Should not have any app extensions.


The iOS device is connected to the internet when trying to install. It is on WiFi, and even off of WiFi, these iPads have LTE enabled so they are always online.

Hey alex.pritchard.levelupdevelop,

Maybe this is going backwards, but have you tried side loading the application through Xcode while the device is plugged in or through the command line interface with Apple Configurator? It is using the same process, but you may get more output. It would be something like the below command for Apple Configurator.


cfgutil -v -e [Device ID] install-app [Path to IPA on Connnected Machine]


With Xcode open the Devices window and then drag and drop the signed IPA into the application section.


If either of these fail then it is a code signing issue (as long as you are also installing on a supported device platform and OS version with the required capabilities specified by the Info.plist).


Hopefully this helps!

App installs and successfully runs when building for the device specifically from XCode.


Thanks for your reply, but since we are only having issues when distributing to the device via Apple Configurator 2, we may submit a technical support request at this point.

Hello alex.pritchard.levelupdevelop,

Have you tried to Archive and Export (Distribute) the build for AdHoc Distribution? This will go through the process of Xcode generating the IPA file and signing it with your Distribution certificate. Once this happens, you will have a folder with the signed IPA file that you should be able to install to your device through the "Devices and Simulators" window, or by using the command I have shared above for the cfgutil that can be installed with Apple Configurator.


If you are not able to export the IPA file and install it sucessfully through the options listed above, then it is most likely a code signing issue that exists between the Signing Certificate, Provisioning Profile and the Entitlements being used when signing the mobile application.


Let me know what your results are once you test the above steps and we can continue to troubleshoot.


Hopefully this helps!

Sure thing. This is what I have been doing. I build for generic iOS device and archive. That works. I then try to install the IPA via Apple Configurator 2 and get the "application is invalid" error in my first post.

I missed this before. There are 4 Entitlements, although the app is still building correctly. (Not sure if you can see attached screen shot: get-task-allow, com.apple.developer.team-identifier, application-identifier, keychain-access-groups)

Another new development (giving these in real-time, my apologies as I want to save your time on responding).


Application installed from my archived IPA on a non-supervised device. I'm going to try supervising the device now and trying again.

Hello alex.pritchard.levelupdevelop,

Thank you for clarifying! Were you able to install the IPA file on the supervised device after confirming that it installs on an unsupervised device?


Are both of the testing devices running the same version of iOS? Could there be a minimum OS version causing the issue? Could you share the Info.plist and remove anything that you consider sensative?


Also, does the default profile that you install from Configurator modify the devices network settings in any capacity or application installation permissions under restrictions? If you can share the profile settings I could load them onto one of my devices for testing and install one of our enterprise signed applications to see if I can get the error to trigger myself.


Looking forward to the additional information!

Could Bitcode cause problems running on a device as far as you are aware? It looks like disabling Bitcode generation and setting it to marker-only (and unchecking the rebuild from bitcode option in Archive) resolves the issue.


Interestingly enough, "normal" compilation does not work with bitcode since our version of libReact.a was not compiled with full bitcode. Archiving seems to ignore this issue even though rebuild from bitcode is turned on, but an app built with bitcode won't install on the device.

Hello alex.pritchard.levelupdevelop,

Very interesting disovery here. Just to confirm, does that mean that you have been able to successfully use your Apple Configurator profile to install the application as long as you turned off Bitcode during the archiving process?


From the information that you have shared, I would imagine that this is not necessarily a Bitcode issue and more of an "intended use" issue. From what we have discussed we know the following to be true.


- Installation on a normal device is possible with your Enterprise signed application (Bitcode and non-Bitcode versions work)

- Installation on a supervised device with Bitcode is not possible through Configurator

- Installation on a supervised device with Bitcode is possible through App Store Connect and the App Store.

- Installation on a supervised device without Bitcode is possible with your Enterprise signed application.


Bitcode is meant to be used when going to the App Store and also exposes your application to re-compilation by Apple so that Apple can send different packages to devices based off of their device capabilities and other things they havent documented. It might be possible that the appstored process which is reaching out to Apple is seeing Bitcode in the IPA which could be causing issues, but you would think that as soon as you try to install the IPA from a source outside of the App Store the device would recognize this.


The one final test that might be good to run here is whether or not the application installs successfully on a managed device and unmanaged device using an OTA plist to install from a custom domain. If you can do this successfully on both types of devices, then I would recommend opening up a bug with Apple because it might be that either the appstored process needs to be improved or the Configurator process needs to be corrected for situations like this.


Hopefully this helps!