How to re-sign an iOS app 101

If we want to resign a simple iOS app the first thing we’ll need it’s an Apple certificate installed in our Keychain and a Provisioning Profile linked to it. For this process we’ll need to have Xcode in our Mac.

We’ll start decompressing the .ipa file, for that we open a terminal in the path where we have stored the ipa and we execute the following command

unzip -q filename.ipa

Next we create the entitlements from the .mobileprovision file we created in the Apple developer portal

 /usr/libexec/PlistBuddy -x -c "print :Entitlements " /dev/stdin <<< $(security cms -D -i ./name.mobileprovision) > entitlements.plist

With this we’ll have everything we need to resign the app.

Before resigning we remove the data from the current signature:

 rm -rf “Payload/"

and replace the embedded mobile provision  with our own one

cp ./name.mobileprovision embedded.mobileprovision

mv embedded.mobileprovision “Payload/"

There’s only the signing left to be done using the previously generated entitlements :

    /usr/bin/codesign -fv -s “CommonNameOfCertificate" "Payload/" --entitlements entitlements.plist

It’s worth saying that in case of having Swift support applying this same commandto resign all the included .dylib files included in the Payload/ folder is mandatory.

For this the identity used is the installed certificate’s “Common Name”

That bing don we can compress the app again

zip -qr ResignedApp.ipa Payload

And we’ll have a redy to install .ipa.

In future tutorials we’ll cover more advanced cases like for example apps with keychain access groups, app extensions or making changes to the app’s identifier.

1 thought on “How to re-sign an iOS app 101”

  1. Hi,

    Did you ever get around to the more complex article? In this article you say to re-sign all the .dylibs in the Payload/ folder, but what about the SwiftSupport/iphoneos folder? And how would one do that?


Leave a Comment

¿Necesitas una estimación?

Calcula ahora

Privacy Preference Center

Own cookies

__unam, gdpr 1P_JAR, DV, NID, _icl_current_language

Analytics Cookies

This cookies help us to understand how users interact with our site

_ga, _gat_UA-42883984-1, _gid, _hjIncludedInSample,

Subscription Cookies

These cookies are used to execute functions of the Web, such as not displaying the advertising banner and / or remembering the user's settings within the session.

tl_3832_3832_2 tl_5886_5886_12 tve_leads_unique