From what I understand, Xcode can re-sign an .ipa from an archive during the App store submission process, making it possible for you to create an archive with a Developer Provisioning Profile, and then sign it with a Distribution profile later. Here is a post that explains what I am talking about: http://oleb.net/blog/2011/06/code-signing-changes-in-xcode-4/
Unfortunately, I can't get it to work. When I create an archive using a Developer profile, then try to submit it with a Distribution profile, I get the following error: "Application failed codesign verification. The signature was invalid, contains disallowed entitlements or it was not signed with an iPhone Distribution Certificate"
The application does not use any entitlements and has no entitlements file. The error is correct that "it was not signed with an iPhone Distribution Certificate", because it was originally signed with a developer certificate, and I am attempting to resign it with a Distribution certificate. I thought this was a valid thing to do...
The problem here is that when you originally archived it would have set the entitlements to be compatible with a developer profile, such as the get-task-allow
set to true
but you're re-signing using a distribution profile which requires get-task-allow
to be false
. Unfortunately it can't go and change the entitlements and so you get this problem.
I'm not entirely sure why Apple can't make it so that it can go and change the entitlements and do all the magic there. The code, resources, etc will all be the same after all.