Re-signing IPA files
Scenario: You have an IPA that you want to test on a device, but the IPA was generated using a provisioning profile that does not include the device, and was signed with a certificate that is not yours. You drag this IPA to XCode’s organizer window hoping it would be installed on the connected device, but this results in an Unknown error
.
Turns out that this is easy to fix. Here’s how to make it work.
First, unpack the IPA (unzip -q <IPA>
). This would create a directory named Payload
and a few other files. Delete the existing signature in the extracted package:
rm -rf "Payload/*.app/_CodeSignature" "Payload/*.app/CodeResources"
For the next step, you need two things: a valid provisioning profile and a valid certificate. Both can be obtained via the iOS developer portal.
Replace the provisioning profile first
cp <PROVISIONING_PROFILE> "Payload/*.app/embedded.mobileprovision"
Then resign using your certificate (the certificate must be present in your keychain)
/usr/bin/codesign -f -s "<CERTIFICATE>" --resource-rules "Payload/*.app/ResourceRules.plist" "Payload/*.app"
Now you can recreate the IPA and then drag & drop it in the XCode organizer to install it on the device!
zip -qr <IPA_resigned> Payload
Edit: If you are looking for user friendly options, check out the script by Daniel or the app by Brian.