I have been working on signing an app from a developer for our own purpose of publishing it to our intune company portal. The older version of the app I can sign and publish without issue. We do have an enterprise dev account, and all they provide us is the source code.
The original version does not use Push notifications, nor does it show to have any framework subfolders. That one I sign by this script I've modified over time, ( security cms -D -i [mobilprovisionfilenamefromentdevsite].mobileprovision > provision.plist
/usr/libexec/PlistBuddy -x -c 'Print :Entitlements' provision.plist > entitlements.plist
unzip -qq [appname]22_5_1.ipa
rm -rf Payload/[appname].app/_CodeSignature/
cp [mobilprovisionfilenamefromentdevsite].mobileprovision Payload/[appname].app/embedded.mobileprovision
/usr/bin/codesign --force --deep --verify --sign "[Our Certificate name redacted]" -i [the app identity name from the identity creation] --entitlements entitlements.plist Payload/[appname].app/Frameworks/*
codesign -dvv Payload/[appname].app/ zip -qr [appname]22_5_1-resigned.ipa Payload/
#Copy the support files for backup mkdir [appname]22_5_1-resigned-support mv entitlements.plist [appname]22_5_1-resigned-support mv Payload [appname]22_5_1-resigned-support mv provision.plist [appname]22_5_1-resigned-support ) This works fine for the old version without Frameworks or Push Notifications
The New One I have just added two lines to the script to sign the FrameWorks.
rm -rf Payload/[appname].app/Frameworks/*/_CodeSignature/
/usr/bin/codesign --force --deep --verify --sign "[Our Certificate name redacted]" -i [the app identity name from the identity creation] --entitlements entitlements.plist Payload/[appname].app/Frameworks/*
When I try it with or without signing the FrameWorks I am unable to get the app to function.
It will load on the IPhones then just give error of "Install Pending" or "Install Failed" (0x87D13B64)
We do not have access to the source code, so I cannot put it into XCode to sign it. I did recreate the mobile provisioning profile with APN and created a Cert to attach to it. I'm not sure if I need to add that certificate somewhere else or if I'm signing something wrong, but this new version is kicking my ****..