Signing iOS applications are required in order to install the applications on mobile devices. Many individuals sign within their development and integration platform, but some are required to sign the applications on designated computers in order to preserve the signing credentials within a trusted environment. Appdome’s private signing script allows users to sign fused apps locally without uploading the signing certificate to Appdome’s cloud service.
This Knowledge Base article provides step-by-step instructions on how to sign your iOS mobile app using Appdome’s Auto-Dev private signing script.
We hope you find this knowledge base useful and enjoy using Appdome!
About Private Signing iOS Apps with Appdome Automatic Script
As an Appdome user, you can sign any Built app either by using Appdome’s built-in signing capabilities, Appdome’s Auto-DEV Private Signing script or using or using your own mechanism outside of Appdome. It’s your choice. However, Signing ios applications outside of Xcode is complex. a developer will need to unzip the application, sign each executable and app extension with the correct certificate and provisioning profile in a specific order, and finally zip back the files to a .ipa process that is both tedious and prone to mistakes. Appdome’s Auto-DEV Private Signing script will achieve all this in second, correct every time.
During the Appdome app Build, Build process adapters are added to the app to achieve the desired added functionality, therefore the app’s original signature is invalidated and must be resigned to allow deploying the app on mobile devices. Appdome allows signing your Built app easily and simply by running a single script.
Appdome’s Auto-DEV private signing script allows users to sign Built apps locally without uploading the signing certificate to Appdome’s cloud service. The unsigned app is embedded in the script generated by Appdome. Running the script on your trusted environment will extract and sign the app using a certificate in your key chain.
Appdome is a mobile integration platform as a service (iPaaS) that allows users to add a wide variety of features, SDKs, and APIs to Android and iOS apps. Using a simple ‘click to add’ user interface, Appdome allows anyone to easily integrate features to any mobile app – instantly, no code or coding required.
Prerequisites for Using Appdome’s Auto-DEV Private Signing Script
- Appdome account – IDEAL or Higher.
- Appdome-DEV access
- iOS Mobile App
- Signing Credentials (e.g., signing certificates and provisioning profile) – verify the certificate (with private key) was added to your local Keychain (to add it just ‘double click’ on the certificate).
- Mac OS X computer with:
- Python software (version 2.7 or higher)
- Codesign – Apple utility that adds the signature directly to the executable file (Xcode version 10.1 or higher)
How to Sign an iOS App Using Appdome Auto-DEV Private Signing Script
Select the Sign Tab. Note: a blue underline will appear showing the step is active.
- Select the signing method: Auto-DEV Private Signing.
- Upload the Provisioning Profile that matches your signing certificate.
- Wait for Appdome to verify the signing parameters, then click on Auto-DEV sign Privately button
- Click Next as the Signing Script Generation is Complete!
- Click Download My Built App to download the automatic private signing script (sign.sh). Your Appdome Built unsigned app is embedded in this script.
How to Run Auto-DEV Private Script:
To run the automatic private signing script, use the following command:
./sign.sh --signer <Signer Identity or sha-1 hash> --output <signed_app_ name.ipa
If you need some help with finding the value to enter for the Signer Identity you can enter this command:
./sign.sh --signer help --output SignedTestApp-signed.ipa
Note! In some environments, you may be required to grant executable permissions to the signing script (using chmod +x command):
chmod +x sign.sh
The signing identity is the certificate’s common name or the SHA-1 fingerprint of the certificate. To extract the certificate common name / SHA-1 fingerprint:
- On your computer open the Keychain Access app.
- Choose the certificate you wish to add and open the options menu (left-click).
- Choose ‘Get info’.
- Get the certificate common name / SHA-1 fingerprint
Important Note! The Codesign needs authorized access to your signing certificate in the Keychain. The password for your keychain is normally your user’s password (the one you use to log in on your computer). To ensure the automatic private signing script will run without interruptions, we recommend to ‘Always Allow’ the authorized access to the Keychain.
Now you can run the automatic private signing script with your Signer Identity value:
./sign.sh --signer SIGNER IDENTITY -o SignedTestApp.ipa /var/folders/r8/5r925dbs4g50gj6h1y2wrxkw0000gn/T/tmpAKuVRK/Payload/AppStudioApp.app/Frameworks /libloader.framework/libloader: signed bundle with Mach-O thin (arm64) [com.appdome.libloader] /var/folders/r8/5r925dbs4g50gj6h1y2wrxkw0000gn/T/tmpAKuVRK/Payload/AppStudioApp.app/AppStudio App: replacing existing signature /var/folders/r8/5r925dbs4g50gj6h1y2wrxkw0000gn/T/tmpAKuVRK/Payload/AppStudioApp.app/AppStudio App: signed app bundle with Mach-O thin (arm64) [com.esri.appb1e53c73b9b248c09cf2b6fe8ac3318f]
Congratulations! You now have a signed Built app with Appdome’s Auto-DEV private signing script.
How Do I Learn More?
If you have any questions, please send them our way at firstname.lastname@example.org or via the chat window on the Appdome platform.