How Appdome Enables Signing Secured iOS Apps without Xcode

Last updated November 23, 2022 by Appdome

Code signing is a prerequisite for installing any app on a mobile iOS device.
A valid signature, which uses an Apple-issued certificate, ensures the integrity of an app and stands as proof that the app comes from a known and approved source and has not been tampered with.
By enforcing mandatory code signing, Apple ensures that no third-party app loads unsigned code resources or uses self-modifying code.

During the Appdome app Build, Build process adapters are added to the app to achieve the requested added functionality. As a result, the app’s original signature is invalidated and must be resigned to allow deploying the app on mobile devices.

Appdome allows signing an app via the Sign tab, by using any of the following methods:

  • On Appdome

Allowing Appdome to take care of the entire signing process. You only need to provide the signing credentials. For details and specified instructions, see section
3 Easy Steps to Sign Secured iOS Apps on Appdome below.

  • Private Signing

Gives you full responsibility for handling the entire signing process. For details, see topic How to Privately Code Sign Sealed iOS Apps using DevSecOps Build System.

  • Auto-DEV Private Signing

Allows you to sign the app without uploading the signing certificate to Appdome’s cloud service.
Appdome provides you with a script (.sh file), which runs on your trusted environment and signs the app by using your credentials    (certificate and password) as input. For details, see topic How to Automate Secure iOS App Code Signing in DevOps CI/CD.

As part of the Appdome signing process of secured iOS apps, by using either Auto-dev Private Signing or Signing on Appdome, you are required to extract and upload a Provisioning Profile and an entitlement file for each executable in the app, and when using signing on Appdome, a P12 certificate and its password.

This article providing instructions for signing sign Secured iOS Apps on Appdome without Xcode

Why Should I sign my Application on Appdome?

As an Appdome user, you can choose whether to sign any Appdome-built app by using Appdome’s built-in signing capabilities or by using your own mechanism outside of Appdome. You are however strongly advised to deploy apps from Appdome, as this process is quick and easy for any iOS app, including Native iOS, hybrid apps and non-native apps built-in Xamarin, Cordova, React Native, Ionic and more. Deploying apps from Appdome leverages unique capabilities such as Automatic deployment of Fused apps into the Apple App Store and Leading EMM Stores.

3 Easy Steps to Sign Secured iOS Apps on Appdome without Xcode

Follow these step-by-step instructions to sign secured iOS Apps without Xcode.

  1. Select the Sign Tab.
    A blue underline appears, indicating that the step is active.
  2. Select On Appdome as the signing method.
    Upload the Provisioning Profile that matches your signing certificate and wait for Appdome to verify the signing parameters, then click on the Sign button.
    Note: If your application contains multiple executable files, ensure that you upload a provisioning profile for each file.
    Optionally: Toggle ON the option Manual Entitlements Matching if you want to set an entitlement plist file to use when signing an app on Appdome.When this feature is OFF, Appdome creates an entitlements file based on the entitlements used for signingthe non-protected app.Optionally, upload an Entitlement file for each of your app executables. If you do not do so, Appdome will generate entitlement files automatically from your unsigned application executables.
  3. Click Sign My App.
    Screen Shot 2022 10 04 At 10.51.11
    When you click Sign My App, Appdome will analyze the built app’s extensions, frameworks, and resources, and calculate a checksum that represents an exact state of each component within the app. Embedding the checksum into the app’s executables ensures that the app cannot be modified or tampered with once the signing is complete.
    Screen Shot 2022 10 04 At 10.55.12
    Congratulations! You now have a signed Fused app ready to deploy.

For additional information about Appdome’s checksum validation, see article Running a Checksum Validation of Android and iOS Apps.

For information about additional anti-tampering features provided by Appdome, see article How to Build Anti-Tampering in Android & iOS Apps.

Prerequisites to Sign Secured iOS Apps Without Xcode

Follow these steps to add a mobile app to your Appdome account.
If you do not have an Appdome account, click here to create an account.

Complete the workflow of  Building an app and Updating App icon branding.

To sign your iOS app, you need a valid signing certificate stored in the iOS development environment.

To use your signing credentials, you need access to the following.

  • Built (Fused) mobile app
  • P12 Certificate File – A P12 certificate file is a certificate and private key concatenated into a single file, protected by a password.
  • P12 Certificate Password – The password used for unlocking your P12 certificate file.
  • Provisioning Profile – A Provisioning Profile allows you to install apps onto your iOS device and includes the signing certificates, a list of supported device identifiers, entitlements, and an App ID.
  • Optional – entitlements files.

What to Do after Signing iOS Apps

Deploy the Appdome-Build App to a Mobile Device

Once you have signed your Appdome-Built app, you can download to deploy it by using your distribution method of choice. For additional details on deploying your Appdome-Built apps, see article How to Auto Publish Secured Android & iOS Apps to app stores.

That is it – Enjoy your Fused app!

Additional details about Signing iOS Apps on Appdome

To lean more abut signing iOS apps on Appdome:

NEED HELP?

let's solve it together

PascalMaking your security project a success!
By filling out this form, you opt-in to recieve emails from us.