"no identity found" error when code signing

Question

Level 1

5 points

"no identity found" error when code signing

Hello,

I am trying to codesign an iPad IPA file supplied to me be an external app development agency. To carry out the app signing, I first installed the distribution cert and private key (.p12 file) in to Keychain. I also installed the intermediate WWDRCA cert and the ios_development cert. I'm using the following command from the iOS terminal to sign my app:

codesign -f -s ituneskey.p12 AppName.ipa

and the error I get is :

ituneskey.p12: no identity found

My distributuon cert is valid, I have checked this in Keychain Util.

What am I doing wrong and how can I resolve this?

iPad 2, iOS 5.1

Posted on Mar 21, 2012 8:12 AM

Reply

Answer 1

K T

Level 7

23,877 points

Mar 21, 2012 8:25 AM in response to fivedigital

Follow the walk-thru and links in TN 2250 ~ iOS Code Signing Setup, Process & Troubleshooting ...and TN 2294 Code Validation and Submission Issues for iOS

Reply

Answer 2

fivedigital Author

Level 1

5 points

Mar 22, 2012 2:05 AM in response to K T

Hi K T,

I had previously gone through the two links you mentioned before posting to this forum, but to no avail. I have a couple of theories. One is that because the developer who wrote the app is not part of my companies "Team" in our iOS developer account, he used his own developer certificate to create the app. Now the problem is when we come to signing the app with our distribution certificate, which by the way now works (see below), when validating the archive during upload it fails.

The reason why codesign was not working as previously stated in my original post was because I was using the wrong identity? The command I used was:

codesign -f -s ituneskey.p12 AppName.ipa

However I should have been using the following:

codesign -f -s [Valid Identity Here] AppName.ipa

where [Valid Identity Here] is replaced with the identity used in our developer account and distribution certificate.

I've got that bit working, but now when I use Organiser to either Validate or Distribute the archive I get the following error:

Application failed codesign verification. The signature was invalid, contains disallowed entitlements, or it was not signed with an iPhone Distribution Certificate.

I then went on to read the following post:

http://oleb.net/blog/2011/06/code-signing-changes-in-xcode-4/

In this post I noted a section where it states :

"

Update: Colin Humber, developer at TestFlight, made me aware of a potential problem with this approach. Apparently, the App ID of the provisioning profile that is used for building the app is hardcoded into the binary during the build process. If you later resign the app with a provisioning profile that belongs to different App ID, the one in the binary will no longer match the provisioning profile’s App ID since the binary will not be recompiled. This can cause all sorts of problems with services that rely on the App ID, such as access to the keychain, Push Notifications, or In-App Purchasing.

This issue will not affect you as long as you use your default “wildcard” App ID (the one that looks like

1234567890.*

). But if you use a separate concrete App ID to publish your app on the App Store, you have to make sure to build your app with a provisioning profile that uses the same App ID. You should not use your default Team Provisioning Profile for release builds in that case. Thanks for the heads-up Colin!

"

And since we DO USE a unique AppID per app I think this is the reason why Validation is failing and I'm getting the above stated new error.

Is the solution therefore to add the developer to our developer Team and get him to use our AppID when building the app?

Reply