Very tricky question about iPhone/iPad resigned builds behaviors

Question

Here's the thing..

Scenario:

I got a ipa file which I get as a result of an Archive + Share process using XCode. The ipa file is signed using ad hoc distribution certificates and it can be installed without any problems.

The application saves some information in the keychain which is accessed without any problems using the build I just made.

After that, I re-sign the application using the codesign command with Enterprise distribution certificate after making some changes in the applicaction.app package. This changes includes changing the name of the application and bundle id from the info.plist file, and of course, replace the embedded mobile provisioning profile with the one that matches the new certificate.

The Problem:

After resigning every seems to be all right, installation and functionality seems to work ok.... BUT! when I enter the information that is saved in the keychain, the data seems not to load or be wiped from the keychain every time I close the app.

Ideas of why is this happening?

Answer 1

I have searched hours for this problem... This is the solution, how the app resigning worked with our app. We got an IPA file from a customer and resigned it with our certificate. Accessing the Keychain works. The bundle.id was not changed in our case.

Which files you need:

• MyApp.ipa
• MyApp_EnterpriseDistribution.mobileprovision (Enterprise Distribution Provisioning Profil)
• Entitlements.plist

All files are in the same directory. If the files were located in different folders, you have to change the path in the code

First, we create an "Entitlements.plist". Create a txt file and put in the following code. Put in your application identifier.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>application-identifier</key>
    <string>GBA9L2EABG.com.your.bundle.id.MyApp</string>
    <key>get-task-allow</key>
    <false/>
</dict>
</plist>

Save this file and rename it to: "Entitlements.plist"

Open the terminal, move to the folder and execute this codes, replace "MyApp" with your Appname and "NAME OF YOUR..." with the name of your certificate and "MyApp_EnterpriseDistribution" to your provisioning file:

unzip MyApp.ipa

//we didn't used the following, maybe necessary...
//rm -r "Payload/MyApp.app/_CodeSignature" "Payload/MyApp.app/CodeResources" 2> /dev/null | true

cp MyApp_EnterpriseDistribution.mobileprovision Payload/MyApp.app/embedded.mobileprovision

codesign -f -s "iPhone Distribution: NAME OF YOUR DISTRIBUTION CERTIFICATE" --resource-rules Payload/MyApp.app/ResourceRules.plist --entitlements Entitlements.plist  Payload/MyApp.app

zip -qr MyApp-resigned.ipa Payload/

And now you have an Ipa with your certificate.

hint: the certificate with this name should be unique in your keychain...