Manually re-signing iOS Apps
When we develop iOS applications for our clients we don't typically publish the apps on their behalf, they publish them using their own Apple account. Each build of the application is tied to a P4 account however, so how do they publish using their accounts?
In order to publish an iOS app that has been created using another companies certificates and profiles and bundle id the ipa has to be updated with your details.
To re-sign an ipa and change the bundle id you have two main options:-
Manually from the command line
Using a tool such as AirSignApp or iReSign
The tools are pretty good, AirSignApp is particularly good. The AirSignApp has a 28 day trial and the iReSign app is free.
To understand what's involved to do this from the command line and to help understand what the tools do in the background, lets assume we are resigning an app and changing the bundle id from com.p4innovation.SocialApp to com.ourcompany.SocialApp:-
1.Unzip the ipa
unzip -q SocialApp.ipa
2. Remove the old code signature
rm -r Payload/SocialApp.app/_CodeSignature/
. Copy the new provisioning profile over the existing embedded.mobileprovision
cp ReplacementAppAdhoc.mobileprovision Payload/SocialApp.app/embedded.mobileprovision
4. Update the plist bundle id
/usr/libexec/PlistBuddy -c "Set CFBundleIdentifier com.ourcompany.SocialApp" Payload/SocialApp.app/Info.plist
Create a new entitlements file with the new bundle id
<plist version="1.0"> <dict> <key>application-identifier</key> <string>SR1AB12323.com.ourcompany.SocialApp</string> <key>com.apple.developer.team-identifier</key> <string>SR1AB12323</string> <key>get-task-allow</key> <false/> <key>keychain-access-groups</key> <array> <string>SR1AB12323.*</string> </array> </dict> </plist>
6. Resign the app the new cert and new entitlements file
codesign -f -s "iPhone Distribution: Our Company Ltd (XXXXXXXX)" --identifier "com.ourcompany.newMyApp" --entitlements "entitlements.temp" "Payload/MyApp.app"
7. Zip the payload back up
zip -qr SocialApp-resigned.ipa Payload
The ipa can now be submitted or distributed using the your Apple account credentials.
In summary, to resign and package an ipa you will need:-
zip, codesign and plistbuddy command line apps installed
Your App store provisioning profile
The publishable bundle id
The team identifier
Your distribution certificate