node-applesign icon indicating copy to clipboard operation
node-applesign copied to clipboard
verified publisher icon nowsecure

Verify identity when a provisioning is specified

Open trufae opened this issue 7 years ago • 2 comments

If the user uses -m and -i it must verify that both match, otherwise the signing will work but the installation will fail.

trufae avatar Nov 23 '18 17:11 trufae

@trufae To me, this is still an issue. I've ran from xcode which just works fine. I see which Development Signing certificate is used. Using security find-identity -p codesigning -v to get the identifier, get the correct provisioning profile from either the already build IPA (embedded.mobileprovisioning) or get it from ~/Library/MobileDevice/Provisioning Profiles. Then I run

  1. applesign -i E3990F.... -m embedded.mobileprovision -o patched_codesign.ipa MyApp-Preview.ipa
  2. unzip patched_codesign.ipa
  3. ios-deploy --bundle Payload/*.app --debug -W

Getting error:

[ 70%] VerifyingApplication
2020-10-26 13:04:55.092 ios-deploy[17660:233562] [ !! ] Error 0xe800003a: The application could not be verified. AMDeviceSecureInstallApplication(0, device, url, options, install_callback, 0)

I've visited all the stackoverflow answers which basically say, delete the app from the device, I did that.

I also tried to use ios-deploy of the original ipa, that works fine.

Any ideas?

Ruud-cb avatar Oct 26 '20 12:10 Ruud-cb

Different things:

  • -i is derived from -m, so no need to pass -i
  • i would add -c to clone the entitlements from the provisioning, which use to be the common issue and maybe it should be by default
  • if you dont pass -o a proper name for the resigned ipa is generated
  • ios-deploy can install .ipa, no need to unzip first

I added a debugging option in appleisng that generates a json with the old/new signing info for debugging and comparing problems like this. ill reopen the issue

trufae avatar Oct 27 '20 13:10 trufae