How Appdome Enables Signing Secured iOS Apps without Xcode
Code signing is a requirement for installing any app on an iOS mobile device.
A valid signature, using an Apple-issued certificate, ensures the integrity of an app and provides proof that the app comes from a known and approved source and has not been tampered with.
By enforcing code signing, Apple ensures that no third-party app loads unsigned code resources or uses self-modifying code.
During the Appdome app build process, build process adapters are added to the app to achieve the requested additional functionality. As a result, the app’s original signature is invalidated and must be re-signed in order for the app to be deployed on mobile devices.
Appdome allows signing an app via the Sign tab, by using any of the following methods:
- On Appdome
Allow Appdome to take care of the entire signing process. You only need to provide the signing credentials. For details and specific, see section
3 Easy Steps to Sign Secured iOS Apps on Appdome below.
- Private Signing
Gives you full responsibility for managing the entire signing process. For details, see topic How to Privately Code Sign Sealed iOS Apps using DevSecOps Build System.
- Auto-DEV Private Signing
Allows you to sign the app without uploading the signing certificate to Appdome’s cloud service.
Appdome provides you with a script (.sh file) that runs on your trusted environment and signs the app by using your credentials (certificate and password) as input. For details, see topic How to Automate Secure iOS App Code Signing in DevOps CI/CD.
As part of the Appdome signing process of secured iOS apps, by using either Auto-dev Private Signing or Signing on Appdome, you are required to extract and upload a Provisioning Profile and an entitlement file for each executable in the app, and when using signing on Appdome, a P12 certificate and its password.
This article provides instructions for signing sign Secured iOS Apps on Appdome without Xcode.
Why Should I Sign my Application on Appdome?
As an Appdome user, you can choose to sign any Appdome-built app by using Appdome’s built-in signing capabilities or by using your own mechanism outside of Appdome. However, you are strongly encouraged to deploy apps from Appdome, as this process is quick and easy for any iOS app, including Native iOS, hybrid apps, and non-native apps integrated with Xamarin, Cordova, React Native, Ionic, and more. Deploying apps from Appdome takes advantage of unique features such as automatic deployment of Fused apps to the Apple App Store and Leading EMM Stores.
3 Easy Steps to Sign Secured iOS Apps on Appdome without Xcode
Follow these step-by-step instructions to sign secured iOS Apps without Xcode.
- Select the Sign Tab.
A blue underline appears, indicating that the step is active.
- Select On Appdome as the signing method.
Upload the Provisioning Profile that matches your signing certificate and wait for Appdome to verify the signing parameters, then click on the Sign button.
Note: If your application contains multiple executable files, ensure that you upload a provisioning profile for each file.
Optionally: Toggle ON the option Manual Entitlements Matching if you want to set an entitlement plist file to use when signing an app on Appdome.When this feature is OFF, Appdome creates an entitlements file based on the entitlements used for signingthe non-protected app.Optionally, upload an Entitlement file for each of your app executables. If you do not do so, Appdome will automatically generate entitlement files from your unsigned application executables.
- Click Sign My App.
When you click Sign My App, Appdome will analyze the built app’s extensions, frameworks, and resources, and calculate a checksum that represents an exact state of each component within the app. Embedding the checksum into the app’s executables ensures that the app cannot be modified or tampered with once the signing is complete.
Congratulations! You now have a signed Fused app ready to deploy.
For additional information about Appdome’s checksum validation, see article Running a Checksum Validation of Android and iOS Apps.
For information about additional anti-tampering features provided by Appdome, see article How to Build Anti-Tampering in Android & iOS Apps.
Prerequisites to Sign Secured iOS Apps Without Xcode
To sign your iOS app, you need a valid signing certificate stored in the iOS development environment.
To use your signing credentials, you need access to the following.
- Built (Fused) mobile app
- P12 Certificate File – A P12 certificate file is a certificate and private key concatenated into a single file, protected by a password.
- P12 Certificate Password – The password used for unlocking your P12 certificate file.
- Provisioning Profile – A Provisioning Profile allows you to install apps onto your iOS device and includes the signing certificates, a list of supported device identifiers, entitlements, and an App ID.
- Optional – entitlements files.
What to Do after Signing iOS Apps
Deploy the Appdome-Build App to a Mobile Device
Once you have signed your Appdome-Built app, you can download to deploy it by using your distribution method of choice. For additional details on deploying your Appdome-Built apps, see article How to Auto Publish Secured Android & iOS Apps to app stores.
That is it – Enjoy your Fused app!
Additional details about Signing iOS Apps on Appdome
To lean more abut signing iOS apps on Appdome:
- Request a demo at any time.
- If you have any questions, you are welcome to contact us at firstname.lastname@example.org or via the chat window on the Appdome platform.
- How to Privately Code Sign Sealed iOS Apps
- How to Automate Secure iOS App Code Signing in DevOps CI/CD
- How to Use Code Sign on Mac for Secured iOS Apps
If you have any questions, please send them our way at email@example.com or via the chat window on the Appdome platform.