I am in a dilemma.
If I set that to distribution I can't test my application on my own IOS. If I set that to distribution I got this error.
Application failed codesign verification. The signature was invalid, contains disallowed entitlements, or it was not signed with an iPhone Distribution Certificate. (-19011)
So what should I do?
If you Archive your release builds and then use the Xcode Organizer to distribute them (using the various options from the "Distribute" button), then Xcode will re-sign your builds with your distribution certificates. So you should always sign your builds with developer certificates, and let the Organizer re-sign them with distribution certificates as needed.
When testing the build, sign the app with Developer Certificate. When releasing it for the app store, use the Distribution Certificate for Signing.
You won't be able to Debug your app with Distribution profile!
Related
When I am accessing a meeting URI using the GuestmeetingJoin sample app, I am getting the following error.
SfbCertificateTrustEngine: Certificate NOT trusted by the standard OS trust manager: X509CertificateInfo
How can I make the library to trust the certificate. What makes the app sdk to trust our certificate. The certificate issued by our CA is not leading to a publicly trusted entity. But we want to try it for Proof of concept for now. I am trying this on Android.
This is not a programing problem but a device setup problem.
The device but have the root certificate (and intermediate certificates) installed into the devices trusted root certificates list.
If your sfb uses a self-signed certificate (which will be my guess) then you need to get and install this self-signed certificate onto the device. How this is done may be different for different devices (PC, Mac, IPhone, IPad, Andriod, etc). See this question on how to install a certificate onto a android device.
I deployed an UWP app on Raspberry with Windows IoT Core.
What will happen when the temporary PFX certificate expire?
the app can still to run on device as the default/startup App?
From: https://msdn.microsoft.com/en-us/library/ff369721.aspx
What do I do if my certificate has expired?
So you have already deployed your application, and now your certificate (purchased or unpurchased) has expired, and you’ve examined the flowchart and determined that your customers are going to have to uninstall and reinstall the application. You can’t even issue an update. Visual Studio will not let you deploy your application with an expired certificate. So what do you do now?
If you need to extend an existing certificate, you can use a program called RenewCert. For details, you can check out my blog post How to extend an existing certificate, even if it has expired.
You can also find a version of RenewCert code on MSDN. I have not tested that specific version, but I’ve heard that it works with test certificates but not purchased certificates. Here’s the link if you want to check it out: http://support.microsoft.com/kb/925521
If you are already using a test certificate, extending it solves your problem. You can sign your deployment with the extended certificate, issue updates, and it will work fine. You can go to lunch, and the rest of us with known publishers can eat at our desks while we continue on. (Can you bring something back for us?)
If you are using a purchased certificate and it has expired, you can use an extended certificate to sign and deploy an update to your application, but it will look like a test certificate. This will seem just like any other update to your customer who already has the application installed, because it does not show the trust dialog when installing an update. New customers will see “Unknown Publisher” in the trust dialog because you are now using a test certificate.
So if your purchased certificate has expired, this enables you to issue an update to the application that programmatically uninstalls the current version and installs a new version signed with the new purchased certificate.
I'm getting the above mention error when my client update their device to iOS 7.1, and then try to update our app from the AppCenter.
After some searching, i found a post with a similar problem here. But then since i'm in an environment where by the client is using AppCenter to update the apps, i can't be using USB to plugin and install the app for them.
Is there any workaround for downloads via AppCenter until a support is released?
A change was introduced to iOS as of iOS 7.1 that requires OTA application installation to take place over HTTPS (rather than HTTP), and no provision exists to allow the user to continue to accept the old behavior (i.e., to permit application installation over HTTP). It is my understanding that this was done as a security enhancement.
In order to do application installations on iOS 7.1 from Application Center, you would need to configure your Application Center to use HTTPS rather than HTTP, using a certificate that will be accepted as valid by your iOS device - that is, either issued by a recognized public CA, or issued by a private CA that you have set up your mobile devices to accept. You can find more information about how to perform this configuration here:
http://pic.dhe.ibm.com/infocenter/wrklight/v6r1m0/topic/com.ibm.worklight.installconfig.doc/appcenter/c_ac_ssl_config.html
I would add some details. (Just work out this question)
We use self developed app center for our customers, to distribute demo/report apps.
You need SSL certificate. (see the post above)
You can buy any kind of public certificate . In some cases you can use self signed certificate previously installed on iOS device by Apple Configurator.
It seems that you don’t have to use https everywhere. Secure URL (https) must have a link to .plist only. The app center web site url and package .ipa url can still be under http.
… and shame on Apple that invents new ways to make developer life hard.
I want to be clear with a question about Sideloading applications for Windows 8 (for use within the company.) Read some articles about it, always write the application before deployment must be cryptographically signed (http://technet.microsoft.com/en-us/library/hh852635.aspx). I found how to sign my app (http://msdn.microsoft.com/ru-RU/library/hh446592%28v=vs.85%29.aspx), but there was a question where to get the key for signature applications. It can be purchased from Verisign, Comodo or a another? If so, what will it take, how much time it takes? Do I understand correctly that the App Packager is not needed for signing app, because the app package generated a Visual Studio, after that you must use CertMgr install the certificate to the domain and sign this certificate application with SignTool? If I'm wrong - please correct me, please
Thank you.
You should be able to generate certificate using Active Directory Certificate Services.
Here is a quick walkthrough on how to generate certificate from AD CS
Active Directory Certificate Services Step-by-Step Guide
If you're doing this without access to AD CS, you may purchase a code signing certificate from any Certificate Authority that offers a RFC3161 timestamping service. The time it takes to get a code signing certificate varies based on how long it takes the certificate authority to verify you are who you say you are.
You will need to manually timestamp the appx file, however, as VS2013 doesn't support using a third party CA's timestamping service when generating appx files. You need to timestamp the appx because otherwise the software will expire the date your code signing certificate expires.
This is how I use the signtool:
signtool sign /fd SHA256 /a /f YourCertKey.pfx /p mypassword /tr http://timestampserver.yourca.com/somepath YourApp.appx
Here is more information on using signtool to sign app packages: http://msdn.microsoft.com/en-us/library/windows/desktop/jj835835(v=vs.85).aspx
If you're attempting to sideload these appx files, you may also need to enable sideload privileges on the computers in question. If you aren't using a domain-joined Windows Enterprise on the client computers, this may involve purchasing side load licenses from Microsoft volume licensing or a partner.
Here is more information about sideloading: http://technet.microsoft.com/en-ca/windows/jj874388.aspx
A customer requested the development of an IOS application, and I've started the development with my apple developer account. I release some Ad-Hoc distribution for validation and the client eventually liked the result and decided to publish in the AppStore in his account.
The client gave me access to his account developer that I would generate the distribution provisioning and publish in ItunesConnect.
The client has two other applications, which are awaiting approval from Apple, which were published by another developer. My problem is that even creating my distribution provisioning, when I download and add to the XCode shows the message "profile does not match any valid certificate / private key pair in the default keychain."
I downloaded the distribution certificate that already existed in the account.
What should I do to fix this problem?
Many thanks,
Andre
You'll need the private key used to sign that profile (the .p12 file is used for interchange). Hopefully your client has it.
You may need to revoke and recreate the clients Distribution certificate, since it is unlikely they have their private keys if they didn't create their current certificates.
You might also consider downloading the clients certificates into a separate Mac User account, and building and signing their app using that account, so you don't mix multiple certificates into the Keychain in your own Mac user account.